This article is part of a series where we look at a recent NSA/CISA Joint Cybersecurity Advisory on the top cybersecurity issues identified during red/blue team exercises operated by these organizations. In this article you will find a more in-depth…
Category: Security Boulevard
Debian and Ubuntu Fixed OpenSSH Vulnerabilities
Debian and Ubuntu have released security updates for their respective OS versions, addressing five flaws discovered in the openssh package. In this article, we will delve into the intricacies of these vulnerabilities, shedding light on their nature and the recommended…
Most Advanced iPhone Exploit Ever, Google’s $5 Billion Settlement, Apple’s Journal App
In this episode, we discuss the most sophisticated iPhone exploit ever, Google’s agreement to settle a $5 billion lawsuit about tracking users in ‘incognito’ mode, and a new iOS app, Journal. The iPhone exploit, known as Operation Triangulation, has complex…
USENIX Security ’23 – Oshrat Ayalon, Dana Turjeman, Elissa M. Redmiles – ‘Exploring Privacy And Incentives Considerations In Adoption Of COVID-19 Contact Tracing Apps’
Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organization’s strong commitment to Open Access. Originating from the conference’s events situated at the Anaheim Marriott; and via the organization’s YouTube channel.
9 Questions to Ask a Privileged Access Provider
Most resources, such as databases or machines, are running in the cloud today and need privileged access. Yet few teams can effectively manage identities in the cloud at scale, with Gartner estimating that by 2023, 75 percent of cloud security…
FAQ: What Is DFARS Compliance and How Does It Work?
The Defense Federal Acquisition Regulation Supplement, better known as DFARS, has significance for contractors working with the Department of Defense (DoD). Our intention is to offer a comprehensive perspective on DFARS in the context of cybersecurity, its various clauses, and…
Three Years After January 6th: The Insurrection’s Impact on U.S. Democracy
Three years ago, on January 6, 2021, the U.S. Capitol was stormed by a mob intent on overturning the results of the 2020 Presidential Election. This event — the January 6th insurrection — was a direct attack on the democratic…
USENIX Security ’23 – ‘“If I Could Do This, I Feel Anyone Could”: The Design And Evaluation Of A Secondary Authentication Factor Manager’
Authors/Presenters: Garrett Smith, Tarun Yadav, Jonathan Dutson, Scott Ruoti, Kent Seamons. Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organization’s strong commitment to Open Access. Originating from the conference’s events situated at the…
How to Build a Phishing Playbook Part 2: Wireframing
Welcome back to our series on automating phishing investigation and response with playbooks in Smart SOAR. This is a four-part series covering preparation, wireframing, development, and testing. In this part, we’ll be designing our workflow, building on top of the…
Nest Wallet CEO Loses $125,000 in Wallet Draining Scam
The co-founder and CEO of a startup cryptocurrency wallet said he lost $125,000 in crypto in a scam, becoming among the latest victims of the growing threat of wallet drainer malware that one cybersecurity firm said stole almost $300 million from…