What is Network Segmentation #cybersecurityawarenessmonth
Join Payton the Intern and learn about network segmentation and how it can help companies reduce the impacts of breaches and malware such as ransomeware.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Forescout
Effects of a Ransomware Attack #cybersecurityawarenessmonth
Payton the Intern takes us through the potential impacts of a ransomware attack and learn about recent events.
What is Ransomware? #cybersecurityawarenessmonth
Payton the Forescout Intern gives a description of ransomware and its effects on today's organizations.
What is Operational Technology Security? #cybersecurityawarenessmonth
Payton the the Forescout Intern gives a high level explanation of Operational Technology (OT) Security and how it impacts the world.
Learning From OT Compliance Failures: A Quick Guide for CISOs
Here are three examples that are worth your attention. Oh, what could have been avoided.
Microsoft Remote Code Execution for Windows TCP/IP IPv6
Over the past three years, the second Tuesday of each month has turned into a hectic period of planning and remediation, driven by a 25% average annual growth rate in CVEs. Just last Tuesday, Microsoft revealed a critical TCP/IP remote code execution (RCE) vulnerability in the IPv6 stack, which has a CVSS score of 9.8 due to its criticality and ease of exploitation. For a more in-depth look, we recommend these resources.
Cybersecurity Teams, It's Time to End the Dept. of 'No'
In a never-ending effort to do their job and secure their environments, cybersecurity teams often bear the brunt of negative perceptions, labelled as the department of ‘No.’ “No” to admin privileges, “No” to personal devices, and “No” to connecting unapproved technologies. These repeated denials, although done with the best intentions, can stifle innovation and create frustration within organizations. This perception needs to change.
New NIST Zero Trust Guidance Reinforces Agent Hygiene Value
This week, the National Institute for Standards and Technology (NIST) released “Implementing a Zero Trust Architecture (NIST SP 1800-35)” for public comment. The guide is written by NIST’s National Cybersecurity Center of Excellence (NCCoE) in collaboration with 24 cybersecurity companies. Now in its fourth draft, NCCoE has opened up comments for this Zero Trust Architecture (ZTA) guide through Sept. 30, 2024, as part of a 60-day review cycle.
Firmware Vulnerabilities Run Rampant in Cellular Routers
The current state of OT/IOT security is being repainted with a new coat of risk. The shade of color? Cellular routers and the vulnerabilities within firmware. In our new report with Finite State, our joint research explores the risks organizations face within the software supply chains of OT/IoT routers. Hardware has firmware – operational software – within its memory components.
ICS Malware 'FrostyGoop/BUSTLEBERM': Insights Others Missed
In the last few weeks, there have been a few announcements made about a new malware threat known as FrostyGoop or BUSTLEBERM (as it was originally tracked by Mandiant). It is being recognized as the first custom malware to integrate Modbus for the purpose of causing physical damage. An associated incident has been reported where the malware was used to disrupt heating in Ukrainian homes in the context of a Russian cyberattack.