Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

The Only Guide For NIST 800-53 You Need: Controls List, Control Examples, Challenges, Implementation Tips

NIST, or the National Institute of Standards and Technology, is a U.S. federal government agency that creates frameworks and publications to manage organisations’ security requirements. NIST has released many Special Publications (SP), each containing several guidelines and security controls. One of the most comprehensive frameworks under NIST is the SP 800-53. Initially designed for federal agencies, this framework has become increasingly relevant for businesses of all sizes.

Out of 29 Billion Cybersecurity Events, Phishing was the Primary Method of Initial Attack

The newly released single largest analysis of cyber attacks across all of 2023 show a strong tie between the use of phishing and techniques designed to gain credentialed access. I’ve stood on the “phishing is a problem” soapbox for many years, attempting to focus the attention of cybersecurity teams on the single largest problem within the organization: the employees that fall for social engineering tactics time and time again.

Ransomware Gangs Evolve: They're Now Recruiting Penetration Testers

A new and concerning cybersecurity trend has emerged. According to the latest Q3 2024 Cato CTRL SASE Threat Report from Cato Networks, ransomware gangs are now actively recruiting penetration testers to enhance the effectiveness of their attacks. This development signals a significant shift in the tactics employed by cybercriminals and underscores the need for organizations to remain vigilant in their defense strategies.

Falcon Data Protection AI-Powered Anomaly Detections: Demo Drill Down

Sensitive data handling often risks accidental exposure. CrowdStrike Falcon Data Protection, part of the powerful CrowdStrike Falcon platform, uses AI-driven anomaly detection to prevent unauthorized data transfers. In this demo, see how quickly Falcon identifies and blocks an attempted transfer of customer PII to a personal Google Drive, generating real-time alerts to help security teams act fast.

Enhancing AKS Backup with CloudCasa and Azure Arc

As Kubernetes adoption continues to grow, Microsoft Azure Kubernetes Service (AKS) has become a popular choice for deploying and managing containerized applications. To meet the increasing demand for data protection, Microsoft has introduced native backup solutions for AKS. However, there are some gaps in the native AKS backup capabilities that may not fully address the needs of enterprises and Managed Service Providers (MSPs), especially those with diverse environments.

How XDR Security Transforms Cyber Risk Management

In 2024, cyber threats are evolving fast. Attackers are using advanced tools like AI-powered malware, ransomware-as-a-service models, and targeted supply chain attacks that can get past traditional security measures. To fight these threats, security teams need tools that can move faster than attackers, giving them a clear view and coordinated responses across their IT ecosystem.

Inside Storm-0940: Uncovering Tactics of a Prolific Chinese Cyber Espionage Group

Storm-0940 is a Chinese advanced persistent threat (APT) group that has operated since at least 2021, although some evidence suggests involvement in earlier incidents. Known for its complex cyber espionage tactics, this group primarily targets government agencies, military organizations, and critical infrastructure to gain intelligence for political and military advantage. Leveraging an arsenal of techniques ranging from spear-phishing to exploiting software vulnerabilities.

Graylog Year of CTFs: A Look Back at Our Biggest Highlights

2024 was a thrilling year for Graylog Capture The Flag (CTF) events! Across major cybersecurity conferences, Graylog invited participants to test their skills in a range of challenging scenarios designed to simulate real-world cyber threats. From North America to Europe and beyond, we saw cybersecurity professionals and enthusiasts go head-to-head in Graylog CTFs, flexing their skills, deepening their knowledge, and having fun along the way.

Data Leakage Protection Solutions on the Rise Amid Increasing Cyber Threats

Protecting their private data is always a task for businesses in today's cyber world, where data breaches and cyberattacks are steadily on the rise. One of the biggest threats to data privacy and security is data leakage, which happens when private information leaves an organization's secure setting either by accident or on purpose. Companies all over the world are realizing they need Data Leakage Protection (DLP) options right away because of the growing number of high-profile data breaches.