eSecurity Planet

DECEMBER 3, 2021

Krebs wrote for The Washington Post between 1995 and 2009 before launching his current blog KrebsOnSecurity.com. His 1994 book detailing cryptographic algorithms ( Applied Cryptography ) was just the beginning of his contributions to technical perspectives on system design, cybersecurity, privacy, and more. Dave Kennedy | @hackingdave.

Accountability 139

Accountability Cybersecurity Penetration Testing InfoSec 139

NopSec

AUGUST 13, 2013

This week we come back with our blog series on SANS 20 Critical Controls and focus on Audit Logs and Controlled Access. Audit Logs for firewall, network devices, servers and hosts are most of the time the only way to determine whether or not the host has been compromised and the only way to control the activity of the system administrator.

Firewall 40

Firewall System Administration Encryption Authentication 40

Thales Cloud Protection & Licensing

JANUARY 23, 2018

To ensure a secure multi-tenant environment for consolidation, you need a solution that: adequately isolates security for specific tenants or customers; authorizes access to the data itself without allowing even systems administrators or privileged users to see the data; and. achieves performance without compromising security.

Cloud Migration 82

Cloud Migration System Administration Architecture Firewall 82

Security Boulevard

FEBRUARY 28, 2022

Clearly, traditional firewalls and antivirus systems will not be sufficient; the complex IIoT infrastructure demands something more advanced. With this unique identity in place, IT system administrators can track each device throughout its lifecycle, communicate securely with it, and prevent it from executing harmful processes.

Manufacturing 98

Manufacturing IoT Authentication Artificial Intelligence 98

Security Boulevard

FEBRUARY 10, 2022

Network control measures like firewalls, secure socket layer (SSL), and data loss prevention (DLP) tools sought to outmaneuver malicious code rather than directly combat it. This technique lets attackers deliver malicious code to thousands of systems through a vector that security measures routinely ignore?—?a a trusted vendor.

Malware 96

Malware Software Ransomware Adware 96

CyberSecurity Insiders

NOVEMBER 18, 2021

This blog was written by an independent guest blogger. This can be carried out directly or using a shadow payload or using a phishing attack aimed at compromising the user's system. It is tough to do without a dedicated team and security solutions like firewalls, intrusion detection, antiviruses and more.

Accountability 133

Accountability Passwords Authentication Social Engineering 133

NopSec

MARCH 16, 2020

I include a sampla here: Vulnerabilities affecting VPN and NG firewalls such as Cisco and Palo Alto Networks, much like the Palo Alto Networks GlobalProtect SSL VPN Critical Pre-authentication vulnerability – CVE-2019-1579. The disclosure blog post can be found here.

VPN 40

VPN Accountability Risk System Administration 40

SecureList

NOVEMBER 14, 2022

Last June, Google’s TAG team released a blog post documenting attacks on Italian and Kazakh users that they attribute to RCS Lab, an Italian offensive software vendor. In line with our predictions, we released two blog posts in 2022 introducing sophisticated low-level bootkits. The next WannaCry.

Firmware 110

Firmware Surveillance Mobile Telecommunications 110

Digital Shadows

AUGUST 17, 2021

It could be a system administrator who has access to sensitive defense information and recently just met an attractive fitness influencer on social media (hello, Iran !). A compromised customer account might use business email compromise tactics to phish everyone in that customer’s circle.

Phishing 52

Phishing Accountability Social Engineering Mobile 52