hello again

Tag Archives: Cybersecurity

#cybersecurity | hacker | With election on horizon, U.K.’s Labour Party contends with DDoS attacks

Source: National Cyber Security – Produced By Gregory Evans The U.K. Labour Party’s digital platforms have been the target of distributed denial of service attack activity since yesterday, impeding access to the political body’s main website. The initial wave of DDoS attacks took place on Nov. 11. Multiple news reports today quoted a Labour Party […]

#cybersecurity | hacker | ‘DIRT CLEAN’ -a technology rationalization approach for security controls

Source: National Cyber Security – Produced By Gregory Evans Security is a boardroom topic and not a hard sell these days. Not saying the job of the CISO has become easier, but certainly getting funding is less of a herculean task as it used to be 10 years ago. Everyday we get updates about breaches […]

#cybersecurity | #hackerspace | RADIUS Server in Azure – Security Boulevard

Source: National Cyber Security – Produced By Gregory Evans Azure® is a cloud infrastructure provider that offers compute, storage, and other infrastructure platforms, such as Office 365. Azure introduced its own identity management solution called Azure Active Directory® (AD), but this doesn’t serve as a solution for bringing the on-prem directory service, Active Directory, to […]

#cybersecurity | #hackerspace | Security @ Serverless Speed – A Protego Use Case

Source: National Cyber Security – Produced By Gregory Evans Companies choose to transition to serverless computing for various reasons, mainly being faster time-to-market and reduced infrastructure costs. However, the root cause of their serverless security needs differ based on a myriad of factors. In this use case we will highlight a team struggling with traditional […]

#cybersecurity | #hackerspace | Derbycon2019, Brett Hawkins’ ‘SharPersist: Windows Persistence Toolkit In C#’

Source: National Cyber Security – Produced By Gregory Evans Many Thanks to Adrian Crenshaw (Irongeek), and his Videographer Colleagues for Sharing His and Their Outstanding Videos Of This Last And Important DerbyCon 2019. Visit Irongeek for additional production credits and additional information. Subscribe to Irongeek’s content, and provide Patreon support as well. Permalink The post […]

#cybersecurity | #hackerspace | Why Cybersecurity Breach Survivors are Valued Assets

Source: National Cyber Security – Produced By Gregory Evans Guest article By Ewen O’Brien, VP of Enterprise, EMEA at BitSightNo one wants to talk about their failures, especially in the cybersecurity realm where the stakes are high. But new insight from Symantec and Goldsmiths, University of London, finds that security professionals who have lived through a […]

#nationalcybersecuritymonth | Cybersecurity tips for SMEs – The Manila Times

Source: National Cyber Security – Produced By Gregory Evans A study from Frost & Sullivan and Microsoft revealed that more than half of the organizations in the Philippines have either experienced a cybersecurity incident or are not sure if they had one as they have not performed proper actions or data breach assessment. With Filipinos’ […]

#cybersecurity | #hackerspace | Isolation protects you from threats that haven’t even been discovered

Source: National Cyber Security – Produced By Gregory Evans Another day, another validation that Internet isolation really is the best cybersecurity protection out there. Last week, Google released an urgent Chrome update to patch an actively exploited zero-day known as CVE-2019-13720, a memory corruption bug that uses a use-after-free vulnerability in audio that allows a […]

#nationalcybersecuritymonth | NCSAM is Over, But Don’t Let Cybersecurity Fade to Black

Source: National Cyber Security – Produced By Gregory Evans This Halloween season, we’ve explored the deepest, darkest corners of cyberspace in our National Cybersecurity Awareness Month (NCSAM) blog series—from cyber spooks and digital demons to deathly data breaches and compliance concerns. Our panel of cybersecurity experts assembled to tell you the spookiest things they’ve seen […]

#cybersecurity | #hackerspace | Maze Ransomware Exploiting Exploit Kits

Source: National Cyber Security – Produced By Gregory Evans Cybercrime has never been one to hem in tactics with ideology or rules. Rather, malware operators are known to use what works and then modify code to continue to work. By “work,” we mean that the code does what it is supposed to; for information stealers, […]

#cybersecurity | #hackerspace | Active Directory Fix-It Guide – Security Boulevard

Source: National Cyber Security – Produced By Gregory Evans IT admins have long been the unofficial repair technicians of the enterprise. However, instead of hammers and wrenches, the tool kit of the IT admin contains servers, cables, and software tools. Unfortunately, one of the most popular IT admin tools, Microsoft® Active Directory® (AD), isn’t working […]

#cybersecurity | #infosec | Smashing Security #153: Cybercrime doesn’t pay (but Uber does)

Source: National Cyber Security – Produced By Gregory Evans The cybercrime lovebirds who hijacked Washington DC’s CCTV cameras in the run-up to Donald Trump’s inauguration, the truffle-snuffling bankers at the centre of an insider-trading scandal, and the hackers that Uber paid hush money to hide a security breach. All this and much more is discussed […]

#cybersecurity | #hackerspace | Why PAM Should Be a CISO’s Top Priority

Source: National Cyber Security – Produced By Gregory Evans Privileged access management (PAM) consists of strategies and technologies for exerting control over the elevated (“privileged”) access and permissions for users, accounts, processes and systems across an IT environment. By implementing an appropriate level of privileged access controls, PAM helps organizations condense their organization’s attack surface […]

#cybersecurity | hacker | Application isolation and virtualization provide a false sense of cybersecurity – It’s time for a better solution

Source: National Cyber Security – Produced By Gregory Evans A recently discovered critical vulnerability presents yet another case study for the shortcomings of the isolation/virtual machine model for cybersecurity. The vulnerability, CVE-2019-14378, has a severity of 8.8, and was first published in the National Vulnerability Database on July 29th, 2019. The vulnerability affects QEMU, the […]