The Internet’s Most Tempting Targets
What attracts the attackers? David “moose” Wolpoff, CTO at Randori, discusses how to evaluate your infrastructure for juicy targets. Source: Threatpost.com
Continue ReadingCategory: InfoSec Insider
The Log4j Vulnerability Puts Pressure on the Security World
It’s time to sound the alarm for Log4Shell. Saryu Nayyar, CEO at Gurucul, discusses what actions you should be taking. Source: Threatpost.com
Continue ReadingReal Big Phish: Mobile Phishing & Managing User Fallibility
Phishing is more successful than ever. Daniel Spicer, CSO of Ivanti, discusses emerging trends in phishing, and using zero-trust security to patch the human vulnerabilities underpinning the spike. Source: Threatpost.com
Continue ReadingHere’s REALLY How to Do Zero-Trust Security
It’s not about buying security products! Joseph Carson, chief security scientist from ThycoticCentrify, offers practical steps to start the zero-trust journey. Source: Threatpost.com
Continue ReadingWhat the Rise in Cyber-Recon Means for Your Security Strategy
Expect many more zero-day exploits in 2022, and cyberattacks using them being launched at a significantly higher rate, warns Aamir Lakhani, researcher at FortiGuard Labs. Source: Threatpost.com
Continue ReadingThreat Advisory: E-commerce Bots Use Domain Registration Services for Mass Account Fraud
Jason Kent, hacker-in-residence at Cequence Security, discusses sneaky shopping bot tactics (i.e., domain parking) seen in a mass campaign, and what retail security teams can do about them. Source: Threatpost.com
Continue ReadingGlobal Cyberattacks from Nation-State Actors Posing Greater Threats
Casey Ellis, CTO at Bugcrowd, outlines how international relations have deteriorated into a new sort of Cold War, with espionage playing out in the cyber-domain. Source: Threatpost.com
Continue ReadingTime to Ditch Big-Brother Accounts for Network Scanning
Yaron Kassner, CTO and co-founder of Silverfort, discusses why using all-seeing privileged accounts for monitoring is bad practice. Source: Threatpost.com
Continue ReadingConvergence Ahoy: Get Ready for Cloud-Based Ransomware
Oliver Tavakoli, CTO at Vectra AI, takes us inside the coming nexus of ransomware, supply-chain attacks and cloud deployments. Source: Threatpost.com
Continue ReadingIn 2022, Expect More Supply Chain Pain and Changing Security Roles
If 2021 was the Year of Supply Chain Pain, 2022 will be the Year of Supply Chain Chronic Pain (or something worse than pain). This past year, the pain was felt in two significant ways: through the supply chain disruptions caused by COVID-19, and through the many security breaches that we saw in our key […]
Continue Reading