The compromise of Mandiant’s X (formerly Twitter) account last week was likely the result of a “brute-force password attack,” attributing the hack to a drainer-as-a-service (DaaS) group. “Normally, [two-factor authentication] would have mitigated this, but due to some team transitions…
Tag: EN
Encrypting Data Using Asymmetric Encryption: A Comprehensive Guide
Asymmetric encryption, commonly known as public-key encryption, is an important technique for safeguarding data transport and storage. It uses a pair of keys for encryption and decryption: a public key for encryption and a private key for decryption. Let’s look…
The Crucial Need for a Secure Software Development Lifecycle (SSDLC) in Today’s Digital Landscape
By John Riley III, Cyber Business Development, Alan B. Levan | NSU Broward Center of Innovation. “Securing the software delivery pipeline is as important as securing the software that is […] The post The Crucial Need for a Secure Software…
Beyond Passwords: AI-Enhanced Authentication in Cyber Defense
By Kathleen Dcruz Why all the noise about artificial intelligence? Now more than ever, AI is becoming part of our lives faster than you could imagine. The question that begs, […] The post Beyond Passwords: AI-Enhanced Authentication in Cyber Defense…
Purple teaming and the role of threat categorization
Organizations constantly work to ensure optimal threat detection and prevention across their systems. One question gets asked repeatedly: “Can we detect the threats we’re supposed to be able to detect?” Red team assessment, penetration testing, and even purple team assessments…
Cisco Fixes High-Risk Vulnerability Impacting Unity Connection Software
Cisco has released software updates to address a critical security flaw impacting Unity Connection that could permit an adversary to execute arbitrary commands on the underlying system. Tracked as CVE-2024-20272 (CVSS score: 7.3), the vulnerability is an arbitrary file upload bug residing…
Chinese Hackers Exploit Zero-Day Flaws in Ivanti Connect Secure and Policy Secure
A pair of zero-day flaws identified in Ivanti Connect Secure (ICS) and Policy Secure have been chained by suspected China-linked nation-state actors to breach less than 10 customers. Cybersecurity firm Volexity, which identified the activity on the network of one of its…
Network connected wrenches are now vulnerable to Ransomware attacks
Network-connected wrenches used globally are now at risk of exposure to ransomware hackers, who can manipulate their functionalities and gain unauthorized access to the connected networks, according to experts. Research conducted by Nozomi reveals that the Bosch Rexroth Handheld Nutrunner,…
Embracing offensive cybersecurity tactics for defense against dynamic threats
In this Help Net Security, Alexander Hagenah, Head of Cyber Controls at SIX, discusses the critical steps in creating effective offensive security operations and their impact on organizational security strategies. What are the critical steps in creating effective offensive security…
The expanding scope of CISO duties in 2024
In this Help Net Security video, Bindu Sundaresan, Director at AT&T Cybersecurity, discusses the ongoing changes we’ll see from the CISO role as digital transformation efforts continue. It is now a position that leads cross-functional teams to match the speed…