An information security policy template serves as a comprehensive guide for organizations aiming to fortify their defenses against information breaches and cyber-attacks. It encompasses key areas such as purpose and objectives, authority, scope, organizational security management, functional responsibilities, and much…
Tag: Heimdal Security Blog
Researchers Disclose Proof of Concept for New GhostRace Attack
IBM and VU Amsterdam University researchers published on March 12th their study about the new GhostRace attack type. Apart from the technical paper, blog post and Proof of Concept (PoC) exploit, they also released scripts for scanning the Linux kernel for…
MSP vs MSSP: What Is The Difference
MSPs handle IT management, while MSSPs specialize in cybersecurity. MSPs ensure smooth operations, while MSSPs maintain a security posture. Both are essential — each with its unique role. In this article, we’ll discuss their key differences! What Is an MSP…
Russians Used Microsoft’s Stolen Authentication Secrets to Access Source Code
Midnight Blizzard hackers used Microsoft’s stolen authentication secrets to advance into their internal system and access source code. The Russian attackers initially used password spraying to get into a legacy non-production test tenant account. Microsoft disclosed this initial attack in…
Heimdal’s 10th Anniversary – Our Finest Hours
On Heimdal’s 10th Birthday, we want to thank everyone who shaped our journey from 2014 to today, and the future. Ours is a story of perseverance, innovation, and the relentless pursuit of excellence through community empowerment. What better way to…
IAM vs PAM: What’s the Difference And Why It Matters
IAM and PAM refer to similar topics in the world of access management, and they’re often used interchangeably. However, it’s important to understand how and why they’re different and what that means for your wider cybersecurity strategy. If you want…
[Free & Downloadable] Cybersecurity Risk Management Template – 2024
This comprehensive cybersecurity risk management template provides a structured approach for identifying, assessing, and prioritizing cybersecurity risks. By offering a standardized framework, it enables organizations to systematically evaluate their vulnerabilities and the potential impact of various cyber threats. This streamlined…
Bank of America Warns Its Customers About Data Breach
A data breach compromising customers’ personal information has been alerted by Bank of America to consumers following last year’s intrusion of Infosys McCamish Systems (IMS), one of its service partners. Data exposed in the security breach include the names, addresses,…
How to Defend Against the 10 Most Dangerous Privileged Attack Vectors
Since the earliest days of technology, hackers and cybersecurity professionals have been locked in a cat-and-mouse game, each inventing more innovative ways of outsmarting the other. In 2024, that resulted in an increasingly complex landscape of privileged threat vectors for…
NIST Cybersecurity Framework Policy Template Guide – 2024
The purpose of this document is to provide a comprehensive template for organizations seeking to assess their compliance with the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF). The NIST CSF is a voluntary framework that consists of…