CTI Roundup: Microsoft Warns About Mercury and DEV-1084 Attacks on Hybrid Environments
Microsoft’s security advisory on Mercury and DEV-1084 and a report linking Russian hackers to attacks against NATO and the EU.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Microsoft 365 Security Series - Using Azure Active Directory to secure your Microsoft 365 Installation
Microsoft 365 (formerly Office 365) is a Software-as-a-Service (SaaS) that offers a cloud-based version of its popular software productivity suite, including MS Word, Excel, PowerPoint, Outlook, and OneNote. In contrast, Azure Active Directory (Azure AD) is an Infrastructure-as-a-Service (IaaS) that offers a cloud-based version of Active Directory to control identity management and access to virtual resources across an organization.
How Social Engineers Collect Data to Build an Attack
Social engineers may not appear to be sophisticated, but they often methodically research and collect data on their targets. Don't fall for their tricks. In this video, learn how social engineers gather information, how they can impersonate you, and tips for how to stay safe from their tactics. Learn more about how to engage and prepare employees to recognize and neutralize social engineering attacks with Arctic Wolf's Managed Security Awareness.
Login with Teleport. Teleport as a SAML Identity Provider
Starting with Teleport 12.1, Teleport Enterprise teams can now use Teleport as a SAML SSO identity provider. This feature allows teams to use Teleport to authenticate to external services, thereby letting teams use SAML SSO to login to external SaaS apps and internal applications that support SAML. Let’s look at a few examples.
Coffee Talk with SURGe: 2023-APR-18 NSO Group, LockBit macOS Encryptors, AI in CTI, MSFT Taxonomy
Grab a cup of coffee and join Ryan Kovar, Mick Baccio, and Audra Streetman for another episode of Coffee Talk with SURGe. The team from Splunk will discuss the latest security news, including: Mick and Ryan competed in a 60 second charity challenge about how generative artificial intelligence could be used in cyber threat intelligence, with proceeds benefiting the ACLU. The trio also discussed Microsoft's new threat actor naming taxonomy and the role of attribution in cyber threat intelligence.
Password Security Best Practices for Businesses
Organizations spend billions of dollars on cybersecurity tools and consultants each year. Beyond traditional tools like firewalls, antivirus software, and System Information and Event Management (SIEM), it is easy to get caught up in sophisticated threat detection using artificial intelligence, machine learning, user behavior and analytics.
Optimizing AppSec by Enhancing Integration with Jira
If there’s one thing we learned in our years of building AppSec technology, it’s that the best tools in the world are useless if they don’t get used. We know from speaking with our customers and industry research that developers won’t use AppSec tools that make their lives harder. Forcing them into cumbersome processes, or making them switch tools and learn a new user interface, will likely lead to AppSec neglect in favor of hitting development deadlines.
The Enterprise Network Cookbook
An enterprise network strategy helps organizations maximize connectivity between end-user devices and applications so they can achieve positive business outcomes. But not all organizations know how to build a comprehensive enterprise network strategy on their own. A new report by Gartner guides Infrastructure & Operations (I&O) leaders in creating a dynamic enterprise network strategy that connects business strategy to implementation and migration plans.
What is Firewall as a Service? #FWaaS Explained | Cato Networks
In this video, Bill answers the questions 'What is a #firewall?' and 'What is a Firewall as a Service (FWaaS)?'. He explains the benefits of #fwaas , provides scenarios where FWaaS can be particularly useful, and highlights some key features to look for in a FWaaS provider.
Demystifying Security Validation Technologies: What You Need to Know About Pen Testing
You can’t predict the future, but you can prepare for it. When it comes to IT (and OT), security validation is the closest to predicting the future as you can get. This is the second post in our series “Demystifying Security Validation Technologies: What You Need to Know,” in which we break down a number of security validation methods available today, provide the strengths and weaknesses of each, and explain how each functions in different IT environments.