Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Today, we’re unveiling HasMySecretLeaked, a free toolset to help security and DevOps engineers verify if their organization’s secrets have leaked on GitHub.com.

I was looking at my watch last week and my attention was moved towards the seconds over at the right of the watch face, incrementing nicely along as you’d expect. Now, I don’t know if I’d just spent too long staring at a debugger screen or if it was something in the air, but an idea dawned on me, related to all things command and control, data exfiltration, etc.

Converging networking with security is fundamental to creating a robust and resilient IT infrastructure that can withstand the evolving cyber threat landscape. It not only protects sensitive data and resources but also contributes to the overall success and trustworthiness of an organization. And just as technologies are converging, networking and security teams are increasingly working together.

It is common knowledge that when it comes to cybersecurity, there is no one-size-fits all definition of risk, nor is there a place for static plans. New technologies are created, new vulnerabilities discovered, and more attackers appear on the horizon. Most recently the appearance of advanced language models such as ChatGPT have taken this concept and turned the dial up to eleven.

Cisco has issued a warning regarding a critical security vulnerability (CVE-2023-20198) affecting its IOS XE software. With a severity rating of 10.0 on the CVSS scoring system, the vulnerability grants remote attackers full administrator privileges on affected devices without authentication.

New data from Outpost24 reveals that IT administrators could be just as predictable as end-users when it comes to passwords. An analysis of just over 1.8 million passwords ranks ‘admin’ as the most popular password with over 40,000 entries, with additional findings pointing to a continued acceptance of default passwords.

Software is an essential part of our online experience. Whether it’s our operating systems, web browsers, or the apps we use daily, software plays a crucial role in our lives. However, with great convenience comes a big responsibility, and one of the most essential aspects of online safety is keeping your software updated regularly. In this blog, we’ll explore the significance of keeping your software up-to-date.

The Cybersecurity Maturity Model Certification (CMMC) program is aligned to DoD’s information security requirements for Defense Industrial Base (DIB) partners. It is designed to enforce protection of CUI (Controlled Unclassified Information) shared by the Department with its contractors and subcontractors.

When creating a new password, you know the drill – it must be at least eight characters long, contain special characters and avoid sequential characters or be based on dictionary words. Although these requirements can be a pain in the neck and seriously hamper end user experience, they are not a sign of officious IT security teams.

An effective detection and response capability is essential for monitoring key assets, containing threats early and eradicating them. However, due to the current disparate nature of potential attack vectors within an organization, affording the wide range of sensors necessary can be a challenge as well as the worry of the disruption of critical services. Yet, without robust detection and response processes, businesses are left vulnerable.