Identity Manager | Angular Web Development #10 | Modifying the Standard Web Portal #4
Video Series: Angular Web Development #10 Part 3: Modifying the Standard Web Portal
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
OneNote documents have emerged as a new malware infection vector
In February 2022, Microsoft disabled VBA macros on documents due to their frequent use as a malware distribution method. This move prompted malware authors to seek out new ways to distribute their payloads, resulting in an increase in the use of other infection vectors, such as password-encrypted zip files and ISO files.
Building a Kubernetes purple teaming lab
Kubernetes, and containerization in general, has a wealth of benefits for many teams operating cloud-native applications. From a threat detection standpoint, however, it is often difficult for newcomers to this space to gain the relevant hands-on experience without trampling over production environments. The Sumo Logic team has previously authored articles on Kubernetes DevSecOps vulnerabilities and best practices as well as Kubernetes logging and monitoring.
Coffee Talk with SURGe: the Interview Series featuring DomainTools
Join David Bianco and special guest Aaron Gee-Clough, Senior Data Engineer at DomainTools for an interview about their collaboration for a research project evaluating the trustworthiness of certificate authorities (CAs) by analyzing five billion TLS certificates using Splunk.
How You Can Save Time During a SOC 2 Audit
POV: an important prospect requires all of their partners to get a SOC 2 audit. You’ve just met with your auditing firm and you’ve been tasked with evidence collection, which sounds like tracking down a lot of people and documents. No one can tell you when the RFP knowledge base was last updated. The sales team is asking how long it will take, and can it go faster? You sit back and wonder the same thing: is it possible, and if so, how?
Coffee Talk with SURGe!
Grab a cup of coffee and join Mick Baccio and Audra Streetman for another episode of Coffee Talk with SURGe. The team from Splunk will discuss the latest security news, including: Mick and Audra also shared their stance on AI regulation as part of this week's 60 second charity challenge, with proceeds benefitting the Save Elephant Foundation.
How to configure Zero Trust controls | ManageEngine PAM360
ManageEngine PAM360 is an enterprise-grade unified privileged access management solution that offers strict governance of privileged users, credentials, digital entities, and other shared sensitive information.
SafeBreach Coverage for US-CERT Alert (AA23-129A) - Snake Malware
The Cybersecurity and Infrastructure Security Agency (CISA) shared the findings of an investigation by numerous cybersecurity agencies worldwide on May 9th, exposing the malicious cyberespionage operations carried out by the Russian FSB utilizing the “Snake” malware. The US-CERT Alert (AA23-129A) Hunting Russian Intelligence “Snake” Malware provided information about this investigation and takedown (along with attacker TTPs and IOCs).
CISO Health and Wellness: An Unconventional Solution to a Systemic Challenge
At a swanky steak house on Manhattan’s Upper West Side, I sat with 100 other security professionals in a dimly lit wood-panelled room, its walls lined with photographs of famous and near-famous patrons. Nearly all of us were at least one cocktail into our evening of high gustation, storytelling, and network building. (Old Fashioneds were the drink of choice that evening).