Security Boulevard

NOVEMBER 6, 2022

The post BSidesPDX 2022 – Ben Kendall’s ‘Breaking Into Infosec Or, How I Hacked My Way Out Of Poverty’ appeared first on Security Boulevard. Our sincere thanks to BSidesPDX 2022 for publishing their outstanding conference videos on the organization's YouTube channel.

InfoSec 52

InfoSec Hacking Education Information Security 52

Security Boulevard

FEBRUARY 3, 2022

An infosec researcher was hacked by North Korea. The post US Hacker ‘P4x’ Gets Back at Pyongyang (but We Smell a Rat) appeared first on Security Boulevard. law enforcement did nothing, so he took matters into his own hands.

InfoSec 98

InfoSec Hacking Social Engineering IoT 98

Security Boulevard

AUGUST 8, 2022

All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of August 1st, 2022. I’ve also included some comments on these stories.

InfoSec 98

InfoSec Cybersecurity VPN Malware 98

Security Boulevard

OCTOBER 12, 2022

Maleeff’s ‘Long Overdue: Making InfoSec Better Through Library Science’ appeared first on Security Boulevard. Our sincere thanks to BSidesLV for publishing their outstanding conference videos on the organization's YouTube channel. The post BSidesLV 2022 Lucky13 GroundFloor – Tracy Z.

InfoSec 40

InfoSec Education Information Security Cybersecurity 40

Webroot

AUGUST 18, 2021

The infosec researcher Matt Tait, who spoke at this year’s Black Hat on the topic of supply chain attacks, called the Codecov compromise an instance of high-volume disruption based on indiscriminate targeting. But after the initial compromise, network security can block communication with known-malicious IP addresses to limit damage.

InfoSec 137

InfoSec Backups Software Small Business 137

SecureWorld News

DECEMBER 13, 2021

Marcus Hutchins, who stopped the global WannaCry ransomware attack, tweeted details about how widespread this vulnerability is, and how simple it is to take advantage of it: Other cybersecurity professionals warned the community about what they were seeing threat actors do: #log4j jokes and memes: tweets as infosec therapy. December 10, 2021.

InfoSec 98

InfoSec Cyber Risk Cybersecurity Risk 98

Threatpost

DECEMBER 4, 2020

Chris Calvert of Respond Software (now part of FireEye) outlines the challenges that reduce the efficacy of network security sensors.

Network Security 97

Network Security Software InfoSec 97

Security Boulevard

SEPTEMBER 27, 2024

ISO 27001 is the international standard for information security and protection. It’s roughly equivalent to similar infosec frameworks in the United States, like FedRAMP and CMMC, but the international development, maintenance, and scope of the ISO framework makes it much more commonly seen outside of US Government contracting.

InfoSec 59

InfoSec Government Information Security Network Security 59

Security Boulevard

DECEMBER 21, 2021

If you are the CEO, CFO or CXO of a major corporation, you are probably aware of Log4j, and perhaps perplexed by the unprecedented impact it has had on your infosec and IT teams. The post Log4j Memo to the CEO, CFO and other CXOs appeared first on Security Boulevard. Perhaps you are waiting for your CISO to provide ….

InfoSec 64

InfoSec CISO Cybersecurity Network Security 64

Malwarebytes

FEBRUARY 14, 2022

In a boilerplate statement to BleepingComputer , the 49ers revealed that the attack has caused temporary disruption to its IT network. The San Francisco 49ers recently became aware of a network security incident that resulted in temporary disruption to certain systems on our corporate IT network. Smart marketing tbh.

Ransomware 98

Ransomware Backups Encryption InfoSec 98

The Falcon's View

AUGUST 29, 2017

There is already a well-established sub-field within information security (infosec) known as " Behavioral Information Security." However, I did find a reference to "behavioral security" dating back to May 2004 (see "Behavioral network security: Is it right for your company?" ).

Information Security 45

Information Security InfoSec Social Engineering Security Awareness 45

eSecurity Planet

JANUARY 30, 2023

The website leverages GitHub application programming interfaces (APIs) to make “finding open-source security projects easier for everyone.” ” Anyone can go to the site to discover “the most popular and fastest-growing open-source security (OSS) projects.”

InfoSec 120

InfoSec Accountability Software Cybersecurity 120

SC Magazine

MARCH 2, 2021

House Oversight and Homeland Security committees last week, SolarWinds’s former and current CEOs blamed an intern for creating a weak FTP server password and leaking it on GitHub – an act which may or may not have contributed to a supply chain hack that impacted users of the tech firm’s Orion IT performance monitoring platform.

Passwords 129

Passwords Password Management CISO InfoSec 129

Security Boulevard

DECEMBER 20, 2021

Infosec folks are in for a busy holiday season ahead. The post Curating Log4j and Log4shell Memes appeared first on Security Boulevard. A lot of us will not be able to get any downtime thanks to Log4shell. For a quick refresher on Log4shell and Log4j, check out this blog for an executive summary.)

InfoSec 52

InfoSec Network Security 52

Security Boulevard

AUGUST 23, 2021

Our world is one where IT infrastructure, attacker trends, and workspace norms continue to shift, so it’s an increasingly difficult challenge to build a resilient infosec program backed by tested best practices. The post Webinar: Extended Detection and Response (XDR) – Past, Present and Future appeared first on Security Boulevard.

InfoSec 52

InfoSec Network Security 52

SC Magazine

JANUARY 29, 2021

If or when more attacks are uncovered, end-user organizations will need to apply the lessons learned from SolarWinds and prepare to take swift and decisive action, infosec experts agreed in a series of interviews with SC Media.

InfoSec 97

InfoSec CISO Media Software 97

Security Boulevard

APRIL 7, 2023

Justice Department’s new Civil-Cyber Fraud Initiative announced its first settlement last month in a novel action that brought false claims allegations over infosec failures against, notably, a sole proprietor.

Small Business 69

Small Business Cybercrime Government Insurance 69

SC Magazine

APRIL 26, 2021

“You can really make sure that you use this product across multiple things – RDP, VPN, email – all that are constantly being attacked,” said Sanders, noting that ABCWUA’s solution from Cisco and Duo Security processes over 12,000 authorizations per month. So far, “it’s been going really well,” she said.

CISO 82

CISO IoT VPN InfoSec 82

SC Magazine

MAY 3, 2021

Are there particular lessons you hope infosec people will come away with? And considering the Florida Oldsmar water hack, we’re going to be doing a demonstration of how that works and what that looks like. So we’ll be doing it with actual physical equipment, simulating a water plant.

Hacking 108

Hacking Education InfoSec Media 108

Security Affairs

JANUARY 11, 2019

These sensitive data are protected using PK11 encryption from Mozilla Network Security Services, so the malware is weaponized with all the necessary functions decrypt them. This particular string has been elected as common malware name by many researchers of the InfoSec community. Research of the installed email client software.

Malware 106

Malware Phishing Advertising InfoSec 106

Security Boulevard

DECEMBER 20, 2023

InfoSec and SOC teams are often under-resourced and new to SAP systems. This means organizations are often relying on manual log reviews, which are time-consuming and require extensive internal expertise to keep up with the evolving threat landscape. How do you analyze each activity so you know what to prioritize?

Ransomware 64

Ransomware Threat Detection InfoSec Network Security 64

SecureList

APRIL 19, 2021

With steganography they are trying to fool the network security systems like IDS/IPS: bitmaps are not too suspicious for them. I keep hearing sales pitches about how it will revolutionize the infosec industry and I do not want to dismiss them outright. Would it help to automate the reverse engineering work?

Engineering 145

Engineering Malware InfoSec Education 145

NopSec

MARCH 18, 2016

It also affords minimal compliance for companies subject to less stringent security rules, contributing to a false sense of security and system safety. Beyond scanning, you need to be able to use the information your scanner provides to remediate the risks and keep your network secure.

InfoSec 40

InfoSec Risk Cyber threats Network Security 40

Herjavec Group

APRIL 26, 2021

Before the pandemic, the typical network security perimeter made it easy to differentiate between our teams and external groups. Without a mature security program, this can lead to some messy and sometimes catastrophic situations. Your board and leadership team will thank you! To Your Success , .

Risk 52

Risk Government InfoSec Cybersecurity 52

Notice Bored

NOVEMBER 4, 2021

Physical and environmental security : ignore these aspects at your peril! Networking security : risks associated with data and social networks. Information security incident management : unique or general? Asset management : using templates/models to develop your policies.

Information Security 56

Information Security Risk InfoSec Backups 56

Herjavec Group

OCTOBER 12, 2021

Managing third-party identities along with your internal end-users is key to gaining comprehensive visibility and security for your enterprise. Before the pandemic, the typical network security perimeter made it easy to differentiate between our internal teams and third parties.

Technology 52

Technology Cybersecurity Digital transformation Risk 52

Security Boulevard

OCTOBER 12, 2021

Machines that don’t sit on the network perimeter are often treated differently. Because they are, in theory, only reachable by trusted machines on the internal network, security is often less of a consideration.

Social Engineering 78

Social Engineering Penetration Testing Authentication Engineering 78

Cisco Security

AUGUST 26, 2021

We constantly see new threats, and threat vectors, come and go; which puts a tremendous strain on the InfoSec teams that have to protect organizations and businesses from these threats. At the same time companies saw security resources in their organizations dwindle, leaving defenders to cope up with the onslaught of attacks.

Technology 145

Technology Firewall VPN Authentication 145

Security Boulevard

NOVEMBER 23, 2021

Double extortion is one of the most prevalent ransomware tactics today. The attackers first exfiltrate sensitive information from their target before launching the ransomware encryption routine.

Ransomware 122

Ransomware Encryption Antivirus Backups 122

eSecurity Planet

MAY 5, 2021

DXC Technology has over 40 years of infosec experience, most of which as HPE’s Enterprise Services. The DXC BAS offerings are a part of their Cyber Defense product line, which crafts tailored security solutions for the digital enterprise and prioritizes the evolving threat landscape. DXC Technology.

Penetration Testing 67

Penetration Testing Risk Technology Marketing 67

Security Boulevard

SEPTEMBER 13, 2021

The post Malicious Life Podcast: The Tesla Hack appeared first on Security Boulevard.

Hacking 111

Hacking Malware InfoSec Cybercrime 111

Security Boulevard

AUGUST 9, 2021

The Transparency Market Research team predicted that this market will increase at a CAGR of about 21% in the next decade, reported Help Net Security. The post XDR: The Next Step in Threat Detection and Response appeared first on Security Boulevard. The global EDR market (Endpoint Detection and Response) is growing rapidly.

Threat Detection 105

Threat Detection Marketing InfoSec Cybersecurity 105

Security Boulevard

JULY 20, 2021

The post Popular Myths about VPNs appeared first on The Shared Security Show. In this sponsored episode from our friends at ClearVPN, Artem Risukhin Content Marketing Manager at ClearVPN, joins co-host Tom Eston to discuss the most popular myths about VPNs.

Marketing 105

Marketing VPN InfoSec Technology 105

Security Boulevard

MAY 22, 2022

Our sincere thanks to BSides Prishtina for publishing their Presenter’s BSides Prishtina 2022 Information Security Conference videos on the organization’s’ YouTube channel.

Information Security 98

Information Security Education InfoSec Cybersecurity 98

eSecurity Planet

MAY 6, 2021

Since 1991, SonicWall has offered the newest network security solutions, and the Network Security appliance (NS a ) remains an advanced option fit for mid-sized networks. We round out our top twelve WAF vendors with a returning pick and a vendor with broad appeal among SMB and SME organizations. OWASP Top Ten.

Firewall 52

Firewall DDOS Marketing Technology 52

Security Boulevard

OCTOBER 30, 2021

The post DEF CON 29 Adversary Village – Carlos Polop’s ‘New Generation Of PEAS’ appeared first on Security Boulevard. Our thanks to DEFCON for publishing their outstanding DEFCON 29 Adversary Village videos on the Conferences’ YouTube channel.

Education 85

Education InfoSec Information Security Cybersecurity 85

ForAllSecure

MAY 26, 2022

He also talks about the future generation of hacking, what motivates young people today to think outside the box in a world where infosec is increasingly becoming vocational and expected. Vamosi: There’s also a list of words commonly used in infosec that are being challenged. Vamosi: Hackers. They're well designed.

Hacking 52

Hacking Technology InfoSec Media 52