SEARCH
All Articles
Securing Access to Data Stored in Amazon S3 Buckets
There have been countless examples of misconfigured access to Amazon S3 buckets containing massive amounts of sensitive data - here’s how you can configure granular access policies and use MFA to protect your data in the cloud.
Cloud Auth - Are You Doing Enough?
What does it take to secure your cloud applications and data? Technology today has made it possible to require stronger authentication controls for access to business-critical applications.
Universities Targeted by Increasing Phishing & Ransomware Attacks
Malicious attacks against U.K. universities have doubled in the past year - find out how to protect against ransomware and phishing attacks that target research data.
The State of the Breach in Healthcare: A Look at 2017 So Far
See how many healthcare data breaches have been reported so far in 2017, how many are due to hacking, what areas are lacking in security protection, how many ransomware attacks have targeted healthcare and more.
New Critical Infrastructure Security Recommendations from NIAC
A White House advisory group, The President’s National Infrastructure Advisory Council (NIAC), has released an 11-step report urging the Administration to take action to protect against “a watershed, 9/11-level cyber attack.”
The State of Real-Time Threat Detection
An overview of tracking ransomware payments, tools to fight ransomware attacks, 3D printing security concerns and more from Black Hat 2017 and DEF CON 25 talks this year.
NIST’s New Security and Privacy Controls For IoT, MFA and SSO
NIST releases a new version of their Security and Privacy Controls, addressing new risks posed by the latest technology - the Internet of Things, plus guidance on combining single sign-on and multi-factor authentication.
Dissecting Security Hardware at Black Hat and DEF CON
Get insights into how to assess security hardware, including experimentations in counterfeiting U2F authentication tokens, different weaknesses in the hardware components of encrypted USB keys and more.
Phishing Vulnerability Exposed with Recently Patched Windows Vulnerability
A recently patched, high-severity Windows vulnerability, CVE-2017-0199, is being used in phishing attacks to deliver malware to users - hitting 1.5 million users in Q2 of this year.
Security Anthropology: How Do Organizations Differ?
Different types of organizations have different threat profiles - instead of classic benchmarking, which can be problematic, researching and creating organizational personas can help us better understand how they approach security issues.
Examining Security Science at Black Hat 2017
Learn about the complexities of conducting security science and phishing tests - the psychological dynamics, validity of security usability studies, ethical issues, hallway testing and more.
Hunting Malicious npm Packages
Duo Labs analyzes npm packages and how attackers can use malicious packages to gain access to and control over systems.
Security Conference OPSEC
Get security conference OPSEC (operational security) tips from a senior security researcher who has seen it all - from trading trust for convenience to unattended personal items, learn how to lock it down when you’re on the road.
Key Updates to NIST’s Digital Identity Guidelines: SP 800-63-3
NIST has updated their Digital Identity Guidelines, SP 800-63-3 with final security recommendations - see the new standards that many industries, including government agencies and contractors, need to follow.
Security Hygiene Tips to Prevent Malware Infection & Stop Lateral Movement
From stopping the initial point of infection to narrowing its path of destruction, here are some tips from the US-CERT (United States Computer Emergency Readiness Team) to help organizations of all sizes stay safe.