Monday 8/31
Policy Evasion: Evasive Techniques You Need to Understand to Prevent Breaches and Attacks (FireEye)
In today’s world, security must be top of mind for everyone within an organization, and that means setting and adhering to cyber security policies are essential to preventing breaches and attacks.
https://bit.ly/32Vhfcv
What’s the problem with a VPN and a regular browser for remote access? (Citrix)
Organizations can provide access to internal web apps and resources with a VPN and a “regular” browser. The problem is that while there might be some authentication control with the initial login, IT has no control over of the browser session beyond that.
https://bit.ly/2ENAwUD
Malicious Attachments Remain a Cybercriminal Threat Vector Favorite
While attachment threat vectors are one of the oldest malware-spreading tricks in the books, email users are still clicking on malicious attachments that hit their inbox, whether it’s a purported “job offer” or a pretend “critical invoice.”
https://bit.ly/34PHsLN
Tuesday 9/1
The next phase of application monitoring is predictive (F5)
Lori MacVittie, principal technical evangelist, Office of the CTO at #F5, explores the switch from active and passive application monitoring to something a little more predictable.
http://f5so.co/E4D949
Education in a Pandemic: Protect Your Kids from Virtual Back-to-school Threats (Check Point)
Students, parents, and schools should all be aware of the cybersecurity threats surrounding virtual learning this fall.
https://bit.ly/2YTFu9G
Wednesday 9/2
U.S. Department of Defense Selects Forescout to Protect Millions of Mission Critical Devices Across Global Networks
The Defense Information Systems Agency (DISA) chose Forescout’s technology as the foundation of the DoD’s “Comply to Connect” (C2C) initiative, a security framework to provide the highest level of assurance for authentication, authorization, compliance assessment and automated remediation of devices connecting to the DoD information network (DoDIN).
https://bit.ly/3lKPBHo
CyberArk Extends Cloud Deployment Options, Improves Simplicity and Scalability with v11.6
As the attack surface grows with remote work environments and expanded cloud deployments, organizations are turning to PAM solutions that help prevent credential theft, stop vertical and lateral movement, and limit privilege escalation and abuse. Maintaining the availability of key PAM processes is an important element of a defense in-depth strategy.
https://bit.ly/2QzQcNP
Thursday 9/3
A Comprehensive Look at Emotet’s Summer 2020 Return (Proofpoint)
While there are some innovations and incremental changes, Proofpoint researchers have noted surprisingly minimal change in TA542’s tactics or tooling, considering the long break. Many trends observed previously still remain relevant.
https://bit.ly/2ETbyne
What is Role-Based Access Control (RBAC)? (Varonis)
Role-Based Access Control (RBAC) is a security paradigm whereby users are granted access to resources based on their role in the company. RBAC, if implemented correctly, can be an effective way of enforcing the principle of least privilege.
https://bit.ly/3h2ziCA
Friday 9/3
New Python-scripted trojan malware targets fintech companies
The trojan allows attackers to secretly steal corporate information through the use of keylogging and taking screenshots, as well as the ability to collect information about the infected system, including which version of Windows is running, what anti-virus products are installed and whether USB devices are connected.
https://zd.net/32Wl15b
How to Make Your Windows Virtual Desktop Migration a Real Success (Lakeside Software)
To fully reap the benefits of virtualized desktops and apps, IT teams need to gather and analyze data to carefully assess needs, find the right fit for users, streamline the transition, and cut unnecessary expenses throughout the WVD journey.
https://bit.ly/2Fa1ENC