
What is Red Teaming and why it is important
A red-team assessment resembles a penetration test, except it is more focused. The purpose is to put the company’s detection and reaction skills to the test.
The Payment Card Industry Data Security Standard (PCI DSS) is a data security standard for businesses that deal with major credit card systems’ branded cards.
SOX (the Sarbanes-Oxley Act) was a federal law introduced in the United States in 2002 that established new corporate accountability rules to guard against financial scandals like the Enron Corporation’s.
The Health Insurance Portability and Accountability Act (HIPAA) is the law that governs the protection of sensitive patient data.
ISO 27001’s full name is “ISO/IEC 27001 – Information technology — Security approaches — Information security management systems — Requirements.”
Cyber security is the process of protecting hardware, software, and data that are connected to the internet from cyber threats.
Dynamic & Detail-Oriented with over 17 years of experience ranging from IT Security, IT Service Operations, End User Services, Remote Infrastructure Management, Data Center Operations, Customer Relationship Management, Service Desk Operations, Cyber Risk and Compliance Management to Third Party Vendor Management.
Small- and medium-sized businesses struggle with misconceptions when it comes to reducing their threat vectors. Learn the importance of protection along with where to start.
Let’s take a look at the evolution and path of Conti ransomware.
In an interconnected world, ensuring that organizations come together to help one another fight cybersecurity adversaries ultimately protects everyone.
Learn about OpenChain ISO/IEC 5230:2020, the International Standard for open-source license compliance, designed to build trust in the supply chain.
Take a look at the BlackBerry 2022 Threat Report, which aims to allow security leaders to perform a thoughtful analysis shaping their security environment.
Microsoft has disrupted operations carried out by a Russian government-aligned threat actor tracked as “SEABORGIUM.” The threat actor uses phishing and credential harvesting to conduct espionage and information operations. SEABORGIUM typically focuses on organizations in Western countries, although it began targeting some Ukrainian organizations shortly before Russia invaded Ukraine.
Hardly a day goes by without a news alert about the latest HUGE data breach. It’s so commonplace today that it rarely rates showing at the top of the news. In a newspaper, the announcement of the latest breach may be on the third page. We’ve become numb to them. And that’s a big problem.
Researchers at AdvIntel warn that three more ransomware groups have begun using the BazarCall spear phishing technique invented by the Ryuk gang (a threat group that subsequently rebranded as Conti). BazarCall callback phishing allows threat actors to craft much more targeted social engineering attacks designed for specific victims. The researchers outline the four stages of this technique:
Cisco has disclosed a security incident that occurred as a result of sophisticated voice phishing attacks that targeted employees, according to researchers at Cisco Talos. The researchers believe the attack was carried out by an initial access broker with the intent of selling access to the compromised accounts to other threat actors.