You are browsing archives for
Whether providing valuable evidence that assists in the investigation and prosecutions of crime perpetrators or proving their innocence or as part of the post-breach investigation and incident response process in organizations of all sizes, digital forensics is a widely used craft by investigators in all sectors. The ever-growing advancements in information technology have potentially proven […]
While there may be talk about SIEM joining the line of legacy technologies that are proclaimed “dead”, SIEM has been a core system for many security teams, and in different capacities. Furthermore, SIEM (along with its evolution) has been intertwined with relevant threats in the ecosystem as well as the market in which it is […]
Vulnerability assessment, the use of cyber intelligence feeds, attack surface management and other processes are all used to prevent threats from becoming security breaches. Organizations have also turned to solutions that detect and prevent cyberattacks by monitoring early indicators of attack in network traffic. After all, nearly all types of cyber threats use network communications […]
Much of this focus has come about to address the sheer volume and sophistication of cyber threats in today’s landscape. The rise of malicious actors seeking to compromise data, steal information, disrupt services and cause damage has led to the implementation of numerous defense strategies, practices and technologies. Encrypting data, using firewalls to prevent unauthorized […]
Consequently, if there’s one resounding principle actionable intelligence via internet scanning has taught us, it is that adopting a proactive attitude towards accurate threat identification and correlation is the necessary first step if we are serious (or even care) about evidence-based knowledge and contextualization dictating the flow of any successful investigation. This is particularly true […]
Consequently, cyber attacks have become more widespread and sophisticated, impacting the critical infrastructures of many organizations and gaining access to their most valuable assets. Besides investing in technology, organizations should turn to relevant policies and industry standard frameworks to better inform their practices. It’s a critical step toward keeping data and systems secure and managing […]
We often say that in cybersecurity, it’s important to think about “when” an attack will occur, not “if” it will occur. And while being proactive is touted as the key to an organization’s most effective security posture, one should never dismiss the value of reactive security practices, either. Building up your defences against attacks and […]
Imagine this scenario: it’s tax season, and you work in the HR department. Your CEO sends you an email requesting copies of employee W-2s that include names, addresses, Social Security numbers, income data and tax information. With the sense of urgency that the tax season brings and a direct request from your CEO, what should […]
This manifold implementation or process of brute forcing credential hashes within the Windows Active Directory ecosystem would soon become the de facto attack vector against the Kerberos protocol, leveraging certain exploitable authentication and encryption mechanisms of the popular MIT-born technology while embroiling the Redmond giant in a cascade of existential threats for years to come. […]
Reactive vs proactive security is often not the matter of choosing which one is better but to see how both are important for a proper cybersecurity posture of your organization. Source of Article
Get familiar with Shadow IT, the concept, its security risks but also how you can leverage it for your benefit. Source of Article
Get familiar with the definition of cyber extortion, cyber threats that can lead to it and how to protect your organization. Source of Article
