Security

SOC Visibility Triad: R.I.P. or Rebirth?

The SOC Visibility Triad was defined by Dr. Anton Chuvakin at Gartner almost 10 years ago when the cloud was in its early stages. As the shift to highly dynamic, multicloud environments became mainstream over the last few years, some have argued that the “Triad” should be put to rest since it no longer can ensure the visibility needed to maintain effective security across these modern architectures.

How to Prevent and Defend Against Spoofing Attacks

In this age of computers and the internet, cyber risks like spoofing attacks are getting smarter and more harmful. Spoofing is when cybercriminals pretend to be legitimate entities, like companies, people, or websites, in order to trick people into giving up private information or doing malicious activities. Spoofing has big effects, ranging from losing money to having a bad image. Over 90% of phishing attacks happen because of email spoofing alone.

How Bots Exploit Seasonal Bot Traffic to Bypass Defenses

The battle between bots and anti-bot tools is a relentless arms race. Bot operators constantly develop new ways to outsmart defenses, and defenders adapt to counter those tactics. As one side evolves, the other quickly follows suit. This ongoing conflict has grown more intricate over the years. Initially, bots mimicked traits like browsers, IPs, user agents, and mouse and keyboard inputs used by human visitors. These tricks sufficed to bypass primitive defenses.

Become The Master Of Disaster: Disaster Recovery Plan for DevOps

Ensuring business continuity requires more than just robust pipelines and agile practices in DevOps. A well-designed Disaster Recovery Plan is critical to mitigate risks, recover swiftly from failures, and ensure your data and infrastructure integrity.

API Security is Not a Problem You Can Solve at the Edge

In today’s interconnected digital ecosystems, traditional security mechanisms like Web Application Firewalls (WAFs), API gateways, and Content Delivery Networks (CDNs) act as enforcement points. Think of them as bouncers at the entrance of a high-profile nightclub—they decide who gets in and who doesn’t. However, relying solely on these edge solutions to secure APIs is like assuming a bouncer can stop someone sneaking in through a side door or an open window.

New Yokai Side-loaded Backdoor Targets Thai Officials

DLL side-loading is a popular technique used by threat actors to execute malicious payloads under the umbrella of a benign, usually legitimate, executable. This allows the threat actor to exploit whitelists in security products that exclude trusted executables from detection. Among others, this technique has been leveraged by APT41 to deploy DUSTTRAP and Daggerfly to deliver Nightdoor backdoor.

Unauthenticated Webpages: Hidden HIPAA Risks on Public-Facing Websites

When we think about HIPAA compliance and websites, the focus often shifts to patient portals, online scheduling systems, and other secure areas requiring user authentication. However, it’s crucial to recognize that even unauthenticated webpages, those accessible to the public without logging in, can present hidden HIPAA risks. Let’s explore these often-overlooked vulnerabilities and discuss how covered entities can mitigate potential compliance pitfalls.

Understanding Shadow IT in the Age of AI

With the emergence of artificial intelligence (AI), there has been a flurry of new terms to describe an increasing variety of new problems. Some of those problems have been around for decades but are now more difficult to manage due to the versatility of AI-based tools and applications. One of those ongoing challenges is shadow IT with a new class of problems classified as shadow AI.

Protect and Prosper: Turning Cybersecurity Tools into Revenue-Generating Assets

As threats increase, ranging from data breaches to ransomware attacks, the stakes for organisations to protect their digital assets are higher. However, despite its critical role in protecting organisations from threats, cybersecurity is frequently viewed as an operational cost: a defensive measure to ensure systems run safely but one that does not directly contribute to generating revenue or driving financial growth.