2023 SANS Report Digital Forensics
Speakers: John Gamble (Corelight), Domenica Crognale, Heather Mahalik, David Smalley.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
An Active Directory Domain Controller Could Not Be Contacted
When I try to join a new Windows workstation or server to an Active Directory (AD) domain, I sometimes encounter the following error: “An Active Directory Domain Controller (AD DC) for the domain ‘domainname’ could not be contacted.” This error can occur due to any of several reasons, from a simple incorrect DNS server IP address to a much more complex issue.
What does Vietnam's mandatory ID law mean for social media? | Insights on privacy, censorship & user impact
Vietnam’s government is taking steps to combat online scams and other forms of cybercrime by making it mandatory for users of Facebook, TikTok, and other social media networks to verify their identities using real-time identity verification. According to the Global Anti Scam Alliance, Vietnam has one of the highest rates of online fraud in Asia.
ROI on Cybersecurity - CISO Global
CISO Global's Chief Technology Officer shares his perspective on the impact cybersecurity has on an organization's ROI.
Introduction to Netskope Cloud Firewall
Hybrid work changes the way people use applications. In this video, learn about how Netskope Cloud Firewall delivers the protection you need everywhere your business operates.
The Impact of Government Legislation on Cybersecurity | James Rees, Razorthorn Security
Join us as we sit down with James Rees, cybersecurity expert from Razorthorn Security, to discuss the ever-changing landscape of government legislation and its impact on cybersecurity. James shares his insights on the challenges faced by cyber security professionals due to prolonged discussions and delayed releases of legislation. With examples from Europe and the UK, he highlights the need for timely action in the face of rapidly evolving cyber threats. Don't miss this eye-opening conversation that sheds light on the struggles faced by security teams and the urgency to stay ahead of the game in a constantly evolving digital world.
Lateral Movement to the Cloud with Pass-the-PRT
Attackers use a variety of tactics to spread laterally across on-premises Windows machines, including Pass-the-Ticket, Pass-the-Hash, Overpass-the-Hash and Golden Tickets attacks. But similar techniques are also effective in moving laterally from a compromised workstation to connected cloud resources, bypassing strong authentication measures like MFA. This article explains how attackers can perform lateral movement to the cloud with an attack called Pass-the-PRT.
The Crucial Role of Log Management in Compliance
In today’s digital landscape, businesses face a multitude of regulatory requirements designed to safeguard sensitive data and protect individuals’ privacy. Compliance with regulations such as HIPAA, GLBA, CMMC, PCI, and others has become paramount, making it essential for organizations to have robust log management solutions in place.
We Need Diversity In Cyber Security - Paul Dwyer
Paul Dwyer talks about diversity in cyber security. Paul Dwyer Paul C Dwyer stands among the world’s leading cybersecurity, risk, and compliance authorities. As CEO of Cyber Risk International, he excels in corporate and enterprise security, crafting cyber defence programs, and safeguarding business operations for clients. He also serves as the founder and President of the ICTTF International Cyber Threat Task Force, leading a community of over 30,000 professionals in their mission to combat cyber threats and promote industry diversity.
What a Baseline Configuration Is and How to Prevent Configuration Drift
Configuration drift seems inevitable — the gradual but unintentional divergence of a system’s actual configuration settings from its secure baseline configuration. Proper configuration of your infrastructure components is vital for security, compliance and business continuity, but setting changes are often made without formal approval, proper testing and clear documentation.