Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

What Is an Insider Threat? Definition, Examples, and Mitigations

An insider threat is a threat to an organization that comes from negligent or malicious insiders, such as employees, former employees, contractors, third-party vendors, or business partners, who have inside information about cybersecurity practices, sensitive data, and computer systems.

Why NHS, UK Healthcare Orgs Need to Boost Their Security in Age of COVID-19

All National Health Service (NHS) and social care organisations in the United Kingdom have always been and will always be a target for bad actors. The nature of their business and the sensitive data they hold make these entities appealing to bad actors who know that legacy systems, and/or, not regularly patched systems, such as those employed by healthcare organizations are easy to penetrate.

The scammer who tried to launder over $500,000 through Business Email Compromise

A 64-year-old man has pleaded guilty in a Texan court to charges of money laundering after a series of attacks that defrauded companies out of hundreds of thousands of dollars. Kenenty Hwan Kim (who sometimes went by the name Myung Kim) took advantage of a simple trick that has proven highly effective to fraudsters in recent years. The method of tricking businesses into handing over large amounts of money is known as Business Email Compromise (BEC), and comes in a variety of flavours.

The Future is Flexibility: How IT Leaders Are Moving Forward

When organizations around the world began shifting their workforces in response to the COVID-19 crisis, the question on everyone’s mind was “When will things go back to normal?” When social media giant Twitter announced it would be allowing employees to work remotely permanently, the conversation took a quick shift: Forget normal, are traditional offices gone for good?

Better Together: Integrations to Make "Work Anywhere" Work

The nature of work these days is collaborative. Teams that work together get more done. But successful collaboration in business goes beyond people; it applies to the tools teams use to get their work done. Never has this been more true than now with the global pandemic that has shut most offices down and led to widespread remote-work situations for employees.

How the COSO Framework Helps You Comply with SOX

In May 2013, the Committee of Sponsoring Organizations of the Treadway Commission (COSO) released its updated Internal Control-Integrated Framework. COSO is an organization that aims to improve organizational performance and corporate governance through effective internal control, enterprise risk management, and fraud deterrence.

Make DevSecOps So: Cloud Enterprise+ on AWS Marketplace

JFrog is pleased to announce that our comprehensive Cloud Enterprise+ plan is now available on Amazon Web Services (AWS) Marketplace through Private Offers. JFrog Cloud Enterprise+ on AWS is a universal, highly-available SaaS offering of the JFrog Platform for demanding DevSecOps at global scale.

Securing Azure Active Directory from PowerShell abuse

Malware attacks are evolving and once common tactics are becoming a thing of the past. Attack strategies, like using a third-party hacking program or injecting viruses from external sources, are almost obsolete as they leave a distinct footprint. Most antimalware tools can now detect the presence of a foreign program or device and immediately block them.

Stories from the SOC- SSH Brute Force Authentication Attempt

Ervin McBride IV – TDP Engineer II contributed to this article. Stories from the SOC is a blog series that describes recent real-world security incident investigations conducted and reported by the AT&T SOC analyst team for AT&T Managed Threat Detection and Response customers.