Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

A distributed denial-of-service (DDoS) attack is an attempt to disrupt the normal traffic of a targeted server. This is done by overwhelming the server, service or network being targeted with a flood of internet traffic, ultimately slowing the server down or causing it to crash completely. Think of it as being like a traffic jam, which causes all the cars on a road to slow down or come to a stop.

On Sept. 29th 2022, cybersecurity organization GTSC publicized a report outlining attacks they have seen in the wild targeting as-yet unpatched vulnerabilities in Microsoft Exchange. When successfully exploited this combination of vulnerabilities results in an authenticated Remote Code Execution (RCE) attack. Until a patch has been issued, Microsoft has posted a security bulletin detailing a workaround.

The market-leading CrowdStrike Falcon® platform, applying a combination of advanced machine learning (ML), artificial intelligence (AI) and deep analytics across the trillions of security events captured in the CrowdStrike Security Cloud, has identified a new supply chain attack pattern during the installation of a chat based customer engagement platform.

The CrowdStrike Falcon Complete™ managed detection and response (MDR) team recently uncovered a creative and opportunistic interpretation of a watering hole attack that leverages GitHub to gain access to victim organizations. In the observed cases, there were no phishing emails, no exploitation of public-facing vulnerabilities, no malvertising and no compromised credentials.

The purpose of vendor risk management is to strike a delicate balance between facilitating the needs of the business by integrating new vendors and ensuring that those same business partners don’t exceed the organization’s risk appetite. Maintaining a healthy balance between those two interests requires leaders to always consider broader business goals when executing VRM strategies.

Ransomware has traditionally revolved around the encryption of victims’ files. But even if encryption remains ransomware groups’ most common approach, it isn’t really their priority–extortion is. Financially-motivated cybercriminals care more about extracting payment from their victims than they do about the particular methods used to achieve that goal.

Cloud applications have opened up limitless opportunities for most organizations. They make it easier for people to collaborate and stay productive, and require a lot less maintenance to deploy, which means they’re much more affordable and easy to scale to your needs. But for all of their benefits, cloud apps also open up your organization to a host of new risks. By enabling users anywhere access to corporate resources you lose the visibility and control that perimeter-based tools provide.

Healthcare leaders are embracing cloud technologies to connect information across the continuum of care, engage more patients, and unlock the potential of health data. While the cloud streamlines healthcare operations, it also presents challenges for organizations that must meet the stringent data security requirements of HIPAA and other security standards.

SSH key management practices reflect the environment in which they were first introduced. The 1Password SSH agent is a big step toward aligning practices with the modern world.