%term

Hey SDDL SDDL: Breaking Down Windows Security One ACE at a Time

Feb 18, 2025 By Michael Haag In Splunk

Windows permission misconfigurations remain a common attack vector in enterprise environments. Attackers consistently leverage these misconfigurations for privilege escalation, with Security Descriptor Definition Language (SDDL) emerging as a blind spot. From LockBit's manipulation of event log permissions to RomCom's exploitation of Task Scheduler vulnerabilities (CVE-2024-49039), SDDL misconfigurations have become a prime target for sophisticated attacks.

Read Post

Splunk

Read more about Hey SDDL SDDL: Breaking Down Windows Security One ACE at a Time

How to provision certificates for internal services with Teleport Workload Identity

Feb 18, 2025 By Noah Stride In Teleport

In this day and age, establishing cryptographic trust and encryption between internal services is a must. Without this, attackers who gain access to your internal networks can easily impersonate services and intercept exchanged data. As time has gone on, the potential impact of compromise has only grown as machines are trusted with increasingly sensitive data and completing increasingly important tasks.

Read Post

Teleport

Read more about How to provision certificates for internal services with Teleport Workload Identity

How to Streamline Your Atlassian Tool Stack for Maximum ROI | Webinar miniOrange & Seibert Solutions

Feb 18, 2025 By miniOrange In miniOrange

Are you spending more on Atlassian than you should? Unused add-ons, inactive licenses, and overlapping tools can silently drain your budget. In this exclusive webinar, hosted by miniOrange and Seibert Solutions US, our experts share proven strategies to take control of your Atlassian ecosystem and maximize the return on your investment.

View Video

miniOrange

Read more about How to Streamline Your Atlassian Tool Stack for Maximum ROI | Webinar miniOrange & Seibert Solutions

Navigating third-party risk assessments in the digital era: A technology leader's perspective

Feb 18, 2025 By Tejas Ranade In TrustCloud

These days, businesses lean heavily on third-party vendors to boost efficiency and bring fresh ideas to the table. But with that reliance comes risk — from data breaches to compliance issues to disruptions that can ripple through your entire operation. That’s why it’s so important for technology leaders to put strong Third-Party Risk Assessments (TPRAs) in place.

Read Post

TrustCloud

Read more about Navigating third-party risk assessments in the digital era: A technology leader's perspective

How can Rubrik make my Generative AI aspirations achievable?

Feb 18, 2025 By Rubrik In Rubrik

Did you know 90% of AI pilot projects never make it into production? Let’s make your aspirations achievable. Check out the rest of our videos to learn more about how Rubrik can help.

View Video

Rubrik

Read more about How can Rubrik make my Generative AI aspirations achievable?

Can DSPM Really Help Backup Admins?

Feb 18, 2025 By Rubrik In Rubrik

In this episode of Into the Breach, James Purvis is joined by Filip Verloy to discuss a rarely explored but highly impactful topic: Can DSPM help backup administrators? Together, they dive into how DSPM enhances visibility, optimizes backup strategies, reduces costs, and strengthens cyber resilience. From managing redundant data to supporting recovery efforts during ransomware attacks, this conversation highlights DSPM's potential to revolutionize traditional backup processes while addressing modern regulatory demands.

View Video

Rubrik

Read more about Can DSPM Really Help Backup Admins?

The Rise of Email Marketing Platforms for Business Email Compromise Attacks

Feb 18, 2025 By Maria Katrina Udquin In Trustwave

In a statistical report published in September 2024 by the Federal Bureau of Investigation (FBI), it was revealed that more than US$55 billion was lost to business email compromise (BEC) attacks between October 2013 and December 2023. This profitability drives attackers to further their techniques and adapt to security filters. BEC is a highly sophisticated and researched scam that aims to bait a specific type of employee or department in a company.

Read Post

Trustwave

Read more about The Rise of Email Marketing Platforms for Business Email Compromise Attacks

Stop API Attackers in Their Tracks: Real-Time Blocking of API Attacks

Feb 18, 2025 By Wallarm In Wallarm

No one needs more security alerts! Wallarm is designed from the ground up to actually block API attacks in real time. Learn how you can defend against API attacks, not just detect them in this webinar. We'll review the basics of API security, along with a demo of the Wallarm platform in action.

View Video

Wallarm

Read more about Stop API Attackers in Their Tracks: Real-Time Blocking of API Attacks

Building a Sustainable PCI DSS 4.0 Compliance Culture

Feb 18, 2025 By Craig Searle In Trustwave

The Payment Card Industry Data Security Standard (PCI DSS) has long been recognized as the gold standard for payment security, establishing rigorous protocols for organizations that handle credit and debit card data. Designed to bolster defenses and minimize the risk of costly data breaches, PCI DSS is now poised for a major evolution. With the introduction of PCI DSS 4.0, new compliance requirements will become mandatory starting March 31, 2025.

Read Post