Diving into the Depths of Cloud Workload Defense Framework (CWDF) Mysteries Setting out to understand cloud security, one frequently encounters the term – Cloud Workload Defense Framework (CWDF). What exact role does CWDF play? Let’s decode this riddle. At its…
Tag: Security Boulevard
Author Q&A: Here’s why the good guys must continually test the limitations of ‘EDR’
A new tier of overlapping, interoperable, highly automated security platforms must, over the next decade, replace the legacy, on-premise systems that enterprises spent multiple kings’ fortunes building up over the past 25 years. Related: How ‘XDR’ defeats silos Now along…
Lateral Movement: Abuse the Power of DCOM Excel Application
In this post, we will talk about an interesting lateral movement technique called ActivateMicrosoftApp() method within the distributed component object model (DCOM) Excel application. This technique is built upon Matt Nelson’s initial research on “Lateral Movement using Excel.Application and DCOM”. What…
SternX Resources to Assist Businesses with Insider Threat Risk Assessment
Insider threats pose serious risk. SternX provides leading technology and expertise to help businesses implement insider threat risk assessment programs, assess vulnerabilities, monitor for risks, and build robust defenses. The post SternX Resources to Assist Businesses with Insider Threat Risk…
A Complete Guide to NIST Compliance: Navigating the Cybersecurity Framework, NIST 800-53, and NIST 800-171
Cybersecurity has become one of the most pressing threats that an organization can face, where poor cybersecurity can lead to operational disruptions, regulatory enforcement, lost sales, a tarnished corporate reputation, and much other trouble. Management teams know this, of course,…
Accelerating FedRAMP ATOs: OMB Memo
The Office of Management and Budget (OMB) released a Draft Memorandum for Modernizing the Federal Risk and Authorization Management Program (FedRAMP) on Friday, Oct 27, 2023. FedRAMP was codified in 2022 when Congress passed the FedRAMP Authorization Act (“Act”). The…
How to Get HITRUST Certified—and Why
What is the HITRUST Certification? In 2007, a group of healthcare organizations, technology companies, and government agencies—including the American Hospital Association, Blue Cross Blue Shield Association, the Centers for Medicare & Medicaid Services (CMS), McKesson Corporation, and Microsoft—got together to…
Pro-Palestinian Threat Groups Expand Cyberwar Beyond Israel
As Israel’s military escalates its ground and air attacks in Gaza, the parallel cyberwar that spun up so quickly following the October 7 surprise raids by Hama terrorists appears to be changing and spreading to other countries. A report this…
Spookiest Hacks, Cybercriminals and Tactics Lurking in 2023
A Bitdefender study found nearly half of Halloween-themed spam is fraudulent, with 69% of the spam hitting U.S. inboxes. The post Spookiest Hacks, Cybercriminals and Tactics Lurking in 2023 appeared first on Security Boulevard. This article has been indexed from…
Identity Theft: The Silent Threat for Executives
Identity theft isn’t a new phenomenon, but its rise in the executive world can no longer be ignored. As a CISO, you understand the importance of safeguarding not only your organization’s data but also the personal information of your top-level…