A recent revelation in the cybersecurity realm uncovers a concerning development dubbed GHOSTENGINE, a cryptojacking campaign employing a sophisticated method to bypass security measures. In this blog, we’ll look at the GHOSTENGINE exploit in detail, shedding light on its modus…
Category: Security Boulevard
Symmetry Systems Recognized as a Strong Performer in the 2024 Gartner® Peer Insights™ Voice of the Customer for Data Security Posture Management report
San Mateo, Calif. – JUNE 6, 2024 – Symmetry Systems, the data+AI security company, today announced it has been named… The post Symmetry Systems Recognized as a Strong Performer in the 2024 Gartner® Peer Insights™ Voice of the Customer for…
IoT Security Means Remediation Not Mitigation
A topic that I recently got asked about was vulnerability mitigation for IoT systems, which shows that even within the security community there is still a belief that mitigation equals threat resolution. For IoT systems this simply does not work…
BTS #31 – Managing Complex Digital Supply Chains – Cassie Crossley
Cassie has a long history of successfully managing a variety of security programs. Today, she leads supply chain efforts for a very large product company. We will tackle topics such as software supply chain management, SBOMs, third-party supply chain challenges,…
Safeguarding AWS AI Services: Protecting Sensitive Permissions
As AI continues to grow in importance, ensuring the security of AI services is crucial. Our team at Sonrai attended the AWS Los Angeles Summit on May 22nd, where we noted how big of a role AI is going to…
Cybersecurity Training Reduces Phishing Threats – With Numbers to Prove It
Train people. It makes a difference. In organizations without security awareness training, 34% of employees are likely to click on malicious links or comply with fraudulent requests. The post Cybersecurity Training Reduces Phishing Threats – With Numbers to Prove It…
RansomHub Rides High on Knight Ransomware Source Code
RansomHub, which has become among the most prolific ransomware groups over the past few months, likely got its start with the source code from the Knight malware and a boost from a one-time BlackCat affiliate. The post RansomHub Rides High…
CEO Corner: Preparing for the Unavoidable – Why Incident Response Readiness is Non-Negotiable
Twenty years ago, I began my career in information security. It was all about firewalls (the heyday of Checkpoint), content filtering (remember Bluecoat) and anti-virus (Symantec and McAfee were the name of the game). We were monitoring our network with…
USENIX Security ’23 – HOMESPY: The Invisible Sniffer of Infrared Remote Control of Smart TVs
Authors/Presenters:Kong Huang, YuTong Zhou, Ke Zhang, Jiacen Xu, Jiongyi Chen, Di Tang, Kehuan Zhang Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organizations strong commitment to Open Access. Originating from the conference’s events…
How Poor Cryptographic Practices Endanger Banking Software Security
In today’s digital age, financial institutions rely heavily on encryption to protect sensitive data in their banking applications. However, despite the critical role of cryptography, many implementations suffer from fundamental flaws that create a false sense of security. Misconceptions about…