Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Phishing schemes are always evolving. This past year, email thread hijacking took phishing to new depths of subterfuge as criminals hid in plain sight within existing conversations. But no matter how well cybercriminals have refined their messaging or counterfeited legitimate logos and branding, the one constant has always been their delivery method: email. Until now. Online chat services have become a new target for cybercriminals to introduce documents loaded with malware into organizations.

In February 2020, a Time Magazine headline declared, “The Coronavirus outbreak has become the world’s largest work-from-home experiment.” Over a year later, that experiment has been a resounding success for companies and employees who found abundant upsides to less rigid workplace expectations.

If you need your teams to act, you need to alert them where they’re already looking. Yet yesterday’s DevOps practices demand individuals to wrangle with uncorrelated events, multiple UIs, and siloed technologies. Tomorrow’s DevOps must enable teams with: To practice DevSecOps, you’ll need to know where a vulnerable build has been deployed into production, and where to find the corrected build that should replace it.

AT&T Alien Labs recently analyzed the Linux version of the Darkside ransomware, one of the most active ransomware in the last quarter. Shortly after hitting Colonial Pipeline, Darkside developers announced they would be closing operations.

SSL TLS are two encryption protocols that provide security for communication over the internet. SSL protocol has been around for many years, but both are still widely used today. Why is this? The answer is simple: these protocols work well to encrypt data sent between a client and server computer, which can be very important in protecting sensitive information such as credit card numbers or passwords. But what really sets them apart from each other?

Digital transformation changes the perimeter. When organizations had all their applications on-premises, the network firewall kept the right users inside the gate and malicious actors outside. However, the move to the cloud changed all that. In today’s hyper-connected ecosystem, understanding the components and types of access control can help you strengthen security.

By implementing these vulnerability assessment and vulnerability management best practices you will reduce the attack surface of your infrastructure. We’re human, and many things we build aren’t perfect. That’s why we take our cars for a periodic inspection, or why we have organizations certifying that products are safe to use. Software is no different.

If our friends Security and Networking were on Facebook, they would probably both list their relationship status as “It’s Complicated.” Sometimes everything’s great, but now and then things can get a little weird, unclear, or uncomfortable. At many organizations, there has traditionally been a barrier between the security and networking teams. Each team has its own objectives — and at times, those objectives can be at cross-purposes.