Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Digital forensics methodology is a scientific approach that uncovers and interprets electronic data while you retain control of its integrity for legal proceedings. This systematic process of digital forensics helps reconstruct criminal events with scientific precision by identifying, collecting, and analyzing digital information. The methodology follows a well-laid-out framework that confirms evidence authenticity and admissibility in court.

In November 2024, I participated in SCinet with the Network Security team at SC24. My job was supporting Corelight sensors and threat hunting using the data the sensors produced. This engagement allowed for a very constructive comparison between the networking challenges at SC and Black Hat USA, where I had the honor of working in the Network Operations Center (NOC) a few months earlier. At SC, I felt immersed in the cutting-edge world of research computing with people showcasing the fastest everything.

Organizations across nearly every industry have become reliant on third-party relationships to accomplish their business operations. You’d be hard-pressed to find an organization that doesn’t partner with at least one third-party vendor. However, this growing reliance on vendors has also created an evolving threat landscape—vendors are now prime targets for cyberattacks.

Managing access across multiple AWS accounts is a popular approach to isolating workloads and data. While it provides several benefits to organizing the various operational requirements for the environment, it introduces additional complexity for managing IAM policies and workload permissions. A primary concern is assigning too many permissions to any one source, which increases the risk of an attacker moving within the environment undetected.

Organizations today collect and generate enormous volumes of sensitive data. Much of it is stored in SQL Server databases, making SQL Server security management crucial for protecting critical applications and services. Implementing strong Microsoft SQL Server security measures helps organizations defend against cyber threats and comply with regulations like GDPR, HIPAA, and PCI DSS.

It’s no secret that managing vendor risk is one of the most challenging aspects of any security program—our most recent State of Trust report found that one in two businesses have terminated a vendor relationship due to security concerns. The rapid proliferation of SaaS tools and AI technologies only ups the ante by increasing the complexity of vendor monitoring and oversight. ‍

Researchers at Juniper Threat Labs warn that phishing attacks are utilizing a new obfuscation technique to hide malicious JavaScript. “While investigating a sophisticated phishing attack targeting affiliates of a major American political action committee (PAC) in early January 2025, Juniper Threat Labs observed a new JavaScript obfuscation technique,” the researchers write.