Security researchers warn that an increasing number of attackers are using legitimate remote monitoring and management (RMM) tools in their attacks to achieve remote access and control over systems. These tools are commonly used by managed service providers (MSPs) and IT help desks so their presence on an organization’s network and systems might not raise […]
Cyber News, Cyber Threat Trends
OpenAI’s chatbot has the promise to revolutionize how security practitioners work.
Cyber News, Cyber Threat Trends
Problem with Wireshark installation on Apple Ventura MacOS Just ran across this issue and seems like a bug, but not sure if it’s in MacOS or Wireshark land. When installing Wireshark as administrative user on Apple Mac OS I installed ChmodBPF multiple times and got no error message. Yet, Wireshark continued to report that ChmodBPF was […]
Cyber News, Cyber Threat TrendsThere are several important cybersecurity principles that small and medium-sized businesses should consider in order to protect themselves from cyber threats:
Cyber NewsWe recently learned that Alec Baldwin is being charged with involuntary manslaughter for his accidental shooting on a movie set. I don’t know the details of the case, nor the intricacies of the law, but I have a question about movie props. Why was an actual gun used on the set? And why were actual […]
Cyber News, Cyber Threat Trends
ACM.141 Delegated AWS Organizations Administrator — Policy as Code This is a continuation of my series on Automating Cybersecurity Metrics. I’ve been writing about how to delegate permission to manage SCPs to our governance team. One way to do that is via a delegated administrator. Delegated Administrator for AWS Organizations In the last post I reverse-engineered the information […]
Cyber News, Cyber Threat Trends
Any organization that handles sensitive data must be diligent in its security efforts, which include regular pen testing. Even a small data breach can result in significant damage to an organization’s reputation and bottom line. There are two main reasons why regular pen testing is necessary for secure web application development: Security: Web applications are constantly […]
Cyber News, Cyber Threat TrendsThe head of both US Cyber Command and the NSA, Gen. Paul Nakasone, broadly discussed that first organization’s offensive cyber operations during the runup to the 2022 midterm elections. He didn’t name names, of course: We did conduct operations persistently to make sure that our foreign adversaries couldn’t utilize infrastructure to impact us,” said Nakasone. […]
Cyber News, Cyber Threat Trends
Security stakeholders have come to realize that the prominent role the browser has in the modern corporate environment requires a re-evaluation of how it is managed and protected. While not long-ago web-borne risks were still addressed by a patchwork of endpoint, network, and cloud solutions, it is now clear that the partial protection these solutions […]
Cyber News, Cyber Threat Trends