%term

The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

Risk Mitigation Strategies for Tcp/IP Vulnerabilities in OT

Sep 4, 2021 By JFrog In JFrog

JFrog in collaboration with Forescout Research Labs recently released the fourth study from Project Memoria - the industry’s most comprehensive study of TCP/IP vulnerabilities. INFRA:HALT covers 14 vulnerabilities affecting the popular closed source TCP/IP stack NicheStack. These vulnerabilities can cause Denial of Service or Remote Code Execution, allowing attackers to take targeted OT and ICS devices offline or take control of them.

View Video

JFrog

Read more about Risk Mitigation Strategies for Tcp/IP Vulnerabilities in OT

Assign Read-Only Access to Users in Logz.io

Sep 3, 2021 By Noa Levi In logz.io

Cloud monitoring and observability can involve all kinds of stakeholders. From DevOps engineers, to site reliability engineers, to Software Engineers, there are many reasons today’s technical roles would want to see exactly what is happening in production, and why specific events are happening. However, does that mean you’d want everyone in the company to access all of the data?

Read Post

logz.io

Read more about Assign Read-Only Access to Users in Logz.io

5 ways federal agencies can augment a zero-trust architecture

Sep 2, 2021 By Marcel Shaw In ServiceNow

A May 2021 executive order mandated that federal government agencies invest in both technology and personnel to centralize and streamline access to cybersecurity data, accelerate migration to secure cloud architectures, and advance toward a zero-trust architecture. A zero-trust architecture doesn’t refer to a predefined, out-of-the-box network security solution. It’s a strategy based on an agency’s cybersecurity plan that contains a collection of zero-trust concepts.

Read Post

ServiceNow

Read more about 5 ways federal agencies can augment a zero-trust architecture

Automated Threat Intelligence: An Overview

Sep 1, 2021 By Theo Despoudis In Torq

SecOps and security teams spend an excessive amount of time sifting through low-value, poorly-contextualized alarm data rather than actively hunting for valid threats. This is because bad actors are constantly looking to steal whatever they can hold onto with the least exposure. Recent ransomware attacks in critical business sectors only serve as reminders that organizations cannot lie dormant. This blog post will unpack strategies to help overcome these challenges and explain why integrating threat intelligence with security orchestration and automation is critical for an effective security operations strategy.

Read Post

Torq

Read more about Automated Threat Intelligence: An Overview

What is Forensic Analysis and Why is it Important for the Security of Your Infrastructure

Sep 1, 2021 By Antonia Shehova In VirtualMetric

With the advent of cybercrime in recent years, tracking malicious online activities has become imperative for protecting operations in national security, public safety, law and government enforcement along with protecting private citizens. Consequently, the field of computer forensics is growing, now that legal entities and law enforcement has realized the value IT professionals can deliver.

Read Post

VirtualMetric

Read more about What is Forensic Analysis and Why is it Important for the Security of Your Infrastructure

Modern Security Monitoring Demands an Integrated Strategy

Sep 1, 2021 By Matt Hines In logz.io

The ultimate success of any security monitoring platform depends largely on two fundamental requirements – its ability to accurately and efficiently surface threats and its level of integration with adjacent systems. In the world of SIEM, this is perhaps more relevant than any other element of contemporary IT security infrastructure.

Read Post

logz.io

Read more about Modern Security Monitoring Demands an Integrated Strategy

Cybersecurity with Ubuntu

Sep 1, 2021 By Nikos Mavrogiannopoulos In Canonical

The cybersecurity state of affairs can be described as too complex today. There is an enormous number of threats endangering sensitive data for the average IT team to cope with. Threats ranging from exposure of physical assets stored in an office, to “social engineering” attacks resulting in unauthorized access, or even threats that exploit obscure software vulnerabilities.

Read Post

Canonical

Read more about Cybersecurity with Ubuntu

Five Key Focus Areas to Testing IoT Security

Aug 31, 2021 By ZiniosEdge In ZiniosEdge

The challenge of testing security can be addressed through a focused approach that covers five key areas – Authentication/authorization protocols Cloud interfaces encrypted & encrypted data Physical and infrastructure security Hardware and software quality

View Video

ZiniosEdge

Read more about Five Key Focus Areas to Testing IoT Security

Secure your clients and prevent churn with a canary

Aug 31, 2021 By Lewis Pope In N-able

Many people are familiar with the stories of coal miners using canaries to detect carbon monoxide and other toxic gases as a warning system for when they should evacuate. Even though cybersecurity is far removed from coal mining, it has an equivalent “canary in the coal mine” that takes the form of indicators of compromise, or IoC for short. So why should an MSP be concerned with looking for IoCs?

Read Post

N-able

Read more about Secure your clients and prevent churn with a canary

Calico integration with WireGuard using kOps

Aug 31, 2021 By Reza Ramezanpour In Tigera

It has been a while since I have been excited to write about encrypted tunnels. It might be the sheer pain of troubleshooting old technologies, or countless hours of falling down the rabbit hole of a project’s source code, that always motivated me to pursue a better alternative (without much luck). However, I believe luck is finally on my side.

Read Post