Cloud Computing Security Standards

Using content disarm and reconstruction for malware protection

Content disarm and reconstruction is a modern approach to removing malicious code from files, key to detecting and thwarting successful phishing and malware attacks. Continue Reading

Florida city's water nearly poisoned in TeamViewer attack

The intruder increased the quantity of sodium hydroxide in the water from 100 parts per million to 11,100 parts per million briefly before a water plant operator fixed it. Continue Reading

Ninety percent of dark web hacking forum posts come from buyers

Positive Technologies built a picture of dark web hacking forums via data from the 10 active forums and over 8 million users, though the veracity of such posts remains unclear. Continue Reading

Microsoft, SolarWinds in dispute over nation-state attacks

The latest investigation updates from SolarWinds and Microsoft offer differing views on how nation-state threat actors compromised SolarWinds' environment. Continue Reading

5 cybersecurity lessons from the SolarWinds breach

Ransomware attack simulations, accessing enterprise logs and pen testing software code are among the best practices cybersecurity pros suggest following the SolarWinds breach. Continue Reading

7 privileged access management best practices

Privileged access is a given in enterprise environments, but it presents many security issues if breached. Follow these seven PAM best practices to mitigate risk. Continue Reading

Risk & Repeat: Diving into the dark web

This week's Risk & Repeat podcast discusses the state of the dark web in 2021, how it has changed and what enterprises should know about the threats that exist there. Continue Reading

SolarWinds Office 365 environment compromised

SolarWinds CEO Sudhakar Ramakrishna said nation-state threat actors first compromised a single email account and later gained access to the company's Orion platform environment. Continue Reading

Cloud security policy configuration in AWS, Azure and GCP

Explore cloud security policy configurations in AWS, Azure and GCP using native security tools in this excerpt of 'Multi-Cloud Architecture and Governance' by Jeroen Mulder. Continue Reading

Secure multi-cloud with architecture and governance focus

Certified enterprise and security architect Jeroen Mulder explains why multi-cloud security architecture planning should be informed by the business and customer perspectives. Continue Reading

Design a human firewall training program in 5 steps

Follow these five steps to develop human firewall training that's not only effective at preventing social engineering attacks, but also relevant and accessible to employees. Continue Reading

Top 11 cloud security challenges and how to combat them

Before jumping feet-first into the cloud, understand the new and continuing top cloud security challenges your organization is likely to face -- and how to mitigate them. Continue Reading

SonicWall confirms zero-day vulnerability on SMA 100 series

After testing NCC Group's findings, SonicWall 'confirmed their submission as a critical zero-day in the SMA 100 series 10.x code, and are tracking it as SNWLID-2021-0001.' Continue Reading

How a social engineering campaign fooled infosec researchers

Impersonation tactics in social engineering attacks have become so elaborate that even highly aware members of the infosec community can fall victim to them. Continue Reading

5 tips to better secure cloud data

A move to cloud introduces new threats to data. Follow these tips to document, evaluate, test, monitor and harden the new environment. Continue Reading

The dark web in 2021: Should enterprises be worried?

SearchSecurity spoke with multiple experts to find out how the dark web has changed, what the security risks are for enterprises and the value of dark web monitoring services. Continue Reading

The security battle over entitlements and permissions creep

IT must continually keep track of entitlements and permissions for all their cloud services, with methods such as CI/CD tools, increased visibility and continuous monitoring. Continue Reading

The case for applying psychology in cybersecurity training

Chartered psychologist Rebecca McKeown describes how psychology in cybersecurity can improve incident response and makes the case for a research-based approach to training. Continue Reading

4 steps toward cloud security automation

Automating security in the cloud can be invaluable for threat detection and mitigation. Explore the four key areas where security professionals should implement automation. Continue Reading

DOJ charges suspect in NetWalker ransomware attacks

The Department of Justice launched a coordinated effort to disrupt the notorious ransomware operation, which has infected healthcare organizations during the COVID-19 pandemic. Continue Reading

5-step IaaS security checklist for cloud customers

Get expert advice on patching, data encryption, and identity and access management responsibilities in this enterprise IaaS security checklist. Continue Reading

Emotet taken down in global law enforcement operation

Ukraine's National Police said two citizens of Ukraine face up to 12 years in prison for their role in maintaining and operating Emotet, and other suspects have been identified. Continue Reading

2021 cybersecurity predictions: Oh, where cybersecurity may go

Jonathan Meyers sees 2021 bringing cybersecurity challenges to the forefront, like more cyberattacks on local governments, BYOD security issues and AI and ML overhype. Continue Reading

Mimecast certificate compromised by SolarWinds hackers

Mimecast conducted an investigation after being alerted by Microsoft that a certificate for Microsoft 365 Exchange Web Services authentication was stolen by a sophisticated actor. Continue Reading

Zero trust 2.0: Google unveils BeyondCorp Enterprise

BeyondCorp Enterprise, which replaces Google's BeyondCorp Remote Access, uses the Chrome browser to extend the zero-trust platform to customers for continuous authentication. Continue Reading

Akamai: Extortion attempts increase in DDoS attacks

New research from Akamai Technologies shows record-breaking DDoS attacks surged in 2020 while extortion-related campaigns against a variety of targets also increased. Continue Reading

SonicWall breached through 'probable' zero-day vulnerabilities

SonicWall's internal systems were breached, and the company is investigating its Secure Mobile Access (SMA) 100 series, a remote access product for SMBs, as a possible vector. Continue Reading

4 ways to minimize the risk of IT supply chain attacks

Mark Whitehead breaks down the importance of taking a zero-trust cybersecurity approach when it comes to protecting networks and data accessible by third-party partners. Continue Reading

Cloud computing forensics techniques for evidence acquisition

With these tools and methodologies, security teams can provide analysts with the critical pieces required to complete a cloud computing forensics investigations puzzle. Continue Reading

Standardize cybersecurity terms to get everyone correct service

Some cybersecurity terms can refer to multiple service offerings, which can be confusing for companies looking to implement them as well as the companies providing them. Continue Reading

5 PaaS security best practices to safeguard the application layer

Underlying APIs, language choice and cybersecurity features can vary widely across PaaS providers. But these five security best practices can help in almost any PaaS scenario. Continue Reading

Private vs. public cloud security: Benefits and drawbacks

Uncover the differences between private vs. public cloud security -- as well as hybrid cloud security -- before deciding on an enterprise deployment model. Continue Reading

How to create a cloud security policy, step by step

Read up on the components of a cloud security policy, what policies cover and why your organization needs them, and download a handy template to get the process started. Continue Reading

Adopting threat hunting techniques, tactics and strategy

Adopt threat hunting techniques that analyze the right data, detect anomalies, use frameworks and compare success metrics, combining manual techniques with AI and machine learning. Continue Reading

FireEye releases new tool to fight SolarWinds hackers

The new tool, dubbed Azure AD Investigator, will help audit Microsoft 365 environments for techniques used by the nation-state actors behind the SolarWinds supply chain attack. Continue Reading

Malwarebytes breached by SolarWinds hackers

Malwarebytes, which is not a SolarWinds customer, confirmed that nation-state actors used an entirely different vector to breach the antimalware vendor and access internal emails. Continue Reading

FBI warns against vishing attacks targeting enterprises

Though the FBI vishing warning references attacks that began in December 2019, the alert is reminiscent of the Twitter social engineering attacks that took place last July. Continue Reading

Combine ML with human intelligence for your security strategy

As hackers target the ever-increasing complexity of company networks, enterprises need to find a balance between machine learning and human intelligence when protecting systems and data. Continue Reading

The 5 different types of firewalls explained

Read up on the five different firewalls' similarities and differences, the three firewall deployment models and tips for choosing the firewall that best meets your company's needs. Continue Reading

Tenable: Vulnerability disclosures skyrocketed over last 5 years

New research from Tenable shows a dramatic increase in vulnerability disclosures since 2015, as well as concerning data about data breaches, ransomware threats and unpatched bugs. Continue Reading

Select a customer IAM architecture to boost business, security

Not all customer IAM platforms are created equal. Will a security-focused or marketing-focused CIAM architecture best meet your organization's needs? Read on for help deciding. Continue Reading

Extended detection and response tools take EDR to next level

Extended detection and response tools offer new capabilities -- among them greater visibility -- to enterprises searching for better ways to protect their endpoints. Continue Reading

Capitol building breach poses cybersecurity risks

While security experts are divided on the level of risk, they agree there is a potential for threats after rioters stormed the Capitol building and ransacked offices. Continue Reading

6 SaaS security best practices to protect applications

Use these SaaS security best practices to ensure your users' and organization's SaaS use stays as protected as the rest of your enterprise applications. Continue Reading

SolarWinds confirms supply chain attack began in 2019

SolarWinds and CrowdStrike published updates Monday that added new information for the timeline of the supply chain attack and how threat actors first gained access. Continue Reading

5 cybersecurity vendors to watch in 2021

Despite the COVID-19 pandemic and economic setbacks, 2020 was another big year for investments in cybersecurity vendors. Here are five startups that stood out from the crowd. Continue Reading

Biometric security technology could see growth in 2021

Enterprise use of biometrics for security may see an uptick by organizations looking to defend themselves from attacks, but they must weigh the concerns against the benefits. Continue Reading

2021 IT priorities require security considerations

AI, IoT and 5G are among the top IT priorities for CIOs and CTOs in 2021. Is your team prepared to address each tech's security needs? Continue Reading

Risk & Repeat: SolarWinds attacks come into focus

This week's Risk & Repeat podcast discusses the fallout from the SolarWinds backdoor attacks as new victims and additional information have come to light. Continue Reading

7 cybersecurity priorities CISOs should focus on for 2021

For 2021, Vishal Salvi argues that CISOs should tie cybersecurity to business agendas better, invest in cloud security, implement IT hygiene, modernize security architecture and more. Continue Reading

Defending against SolarWinds attacks: What can be done?

While no defense is guaranteed, zero-trust access and behavioral monitoring can be useful against nation-state hackers and threats like the SolarWinds attacks. Continue Reading

Explore benefits and challenges of cloud penetration testing

Cloud penetration testing presents new challenges for information security teams. Here's how a playbook from the Cloud Security Alliance can help inform cloud pen test strategies. Continue Reading

Organize a cloud IAM team to secure software-defined assets

Building a cloud IAM team with the necessary technical expertise and soft skills is key to securely managing IAM in complex cloud environments. Continue Reading

The SolarWinds attacks: What we know so far

The SolarWinds attacks have left a massive impact on security, tech and the world at large, and events are still unfolding nearly a month after the initial disclosure. Continue Reading

10 cybersecurity best practices and tips for businesses

Looking to improve your business's cybersecurity program? Study these 10 cybersecurity best practices and tips. Continue Reading

The human firewall's role in a cybersecurity strategy

The human firewall is a crucial element of a long-term, holistic security initiative. Explore how human firewalls can protect your enterprise against attacks. Continue Reading

10 of the biggest cyber attacks of 2020

Here is a list of 10 of the largest cyber attacks of a pandemic-dominated 2020, including several devastating ransomware incidents and a massive supply chain attack. Continue Reading

Juggle a multi-cloud security strategy with these 3 steps

Enterprise security best practices must account for changes in cloud landscapes. Learn how to overcome such challenges and bolster multi-cloud security with technology and policy. Continue Reading

Ransomware 'businesses': Does acting legitimate pay off?

Ransomware gangs such as Maze have portrayed themselves almost like penetration testing firms and referred to victims as 'clients.' What's behind this approach? Continue Reading

The enterprise case for implementing live-fire cyber skilling

Companies continue to grapple with the cybersecurity skills gap, but Adi Dar offers a way to ensure security teams are properly trained through the use of live exercises. Continue Reading

Review 6 phases of incident response for GCIH exam prep

'GCIH GIAC Certified Incident Handler All-in-One Exam Guide' takes a deep dive into the six phases of incident response to help security pros with GCIH exam prep and certification. Continue Reading

Preparing for GIAC Certified Incident Handler certification

The author of 'GCIH GIAC Certified Incident Handler All-in-One Exam Guide' shares advice on how to prepare for the exam and why an incident response career can be so rewarding. Continue Reading

Insider risk indicators thwart potential threats

By paying attention to risk indicators, enterprises can tell the difference between insider threat and insider risk to prevent falling victim at the hands of one of their own. Continue Reading

Insider threat vs. insider risk: What's the difference?

Identifying, managing and mitigating insider threats is far different than protecting against insider risks. Read up on the difference and types of internal risks here. Continue Reading

Editor's picks: Top cybersecurity articles of 2020

As the year no one could have predicted comes to a close, SearchSecurity takes a 30,000-foot view of the cybersecurity trends and challenges that defined the last 12 months. Continue Reading

What is bloatware? How to identify and remove it

Unwanted pre-installed software -- also known as bloatware -- has long posed security threats for computers and other devices. Here are strategies for how to detect bloatware and uninstall the potential threat. Continue Reading

Security measures critical for COVID-19 vaccine distribution

The COVID-19 vaccine supply chain is already under attack, which comes as no surprise to experts. The biggest potential threats, however, are still to come. Continue Reading

Endpoint security quiz: Test your knowledge

Test your knowledge of SASE, split tunneling, and device discovery tool capabilities and best practices in this endpoint security quiz for IT professionals. Continue Reading

Enterprise cybersecurity threats spiked in 2020, more to come in 2021

After an unprecedented year from an enterprise cybersecurity threat standpoint, security leaders are preparing for growing number and sophistication of attacks in 2021. Continue Reading

Quiz: Web application security threats and vulnerabilities

Applications are still the biggest attack vector for malicious actors -- can you protect them? Test your knowledge with this web application security quiz. Continue Reading

SolarWinds backdoor infected tech giants, impact unclear

Reports that technology giants were also affected by the SolarWinds backdoor malware have been confirmed by several major vendors, though there's no evidence they were breached. Continue Reading

How to address the skills gap of security and IT personnel

In part two of Jonathan Meyers' look at the skills gap challenge companies face in cybersecurity, he offers recommendations to consider when ensuring your teams have the skills needed. Continue Reading

Risk & Repeat: SolarWinds backdoor shakes infosec industry

This week's Risk & Repeat podcast discusses the latest developments around the devastating SolarWinds backdoor attacks, which impacted several U.S. government agencies. Continue Reading

CISA: SolarWinds backdoor attacks are 'ongoing'

A joint statement from the FBI, CISA and Office of the Director of National Intelligence says the SolarWinds backdoor attacks are 'ongoing' and have comprised federal agencies. Continue Reading

Microsoft, FireEye create kill switch for SolarWinds backdoor

The kill switch follows several other moves Microsoft made against the malware, including the removal of digital certificates and quarantining the malware in Windows Defender. Continue Reading

SolarWinds struggles with response to supply chain attack

Security researchers discovered the Orion DLL component containing the backdoor used was still present in updates on SolarWinds' website as recently as Monday night. Continue Reading

6 remote workforce cybersecurity strategies for 2021

Remote worker data security has quickly evolved into a top concern for IT security. Here are six strategies to ensure remote workforce cybersecurity in 2021. Continue Reading

SolarWinds breach highlights dangers of supply chain attacks

While the scope of the breach is still unknown, the cyber attack on SolarWinds shows what can happen when sophisticated attackers target just one link of a software supply chain. Continue Reading

Why it's SASE and zero trust, not SASE vs. zero trust

SASE and zero trust are hot infosec topics. But, when it comes to adoption, it's not a question of either/or, but using SASE to establish and enable zero-trust network access. Continue Reading

SolarWinds backdoor used in nation-state cyber attacks

Nation-state hackers conducted a supply chain attack on SolarWinds and planted a backdoor in software updates issued to customers such as FireEye and various government agencies. Continue Reading

Technology a double-edged sword for U.S. election security

Technologies were weaponized to undermine the 2020 U.S. presidential election, but IT systems have also helped to identify fraud and verify results in a hotly contested election. Continue Reading

Tackle multi-cloud key management challenges with KMaaS

Cloud providers' tools for secrets management are not equipped to solve unique multi-cloud key management challenges. Learn how key management-as-a-service tools can fill the gaps. Continue Reading

FBI, CISA warn of growing ransomware attacks on K-12 schools

The FBI and the Cybersecurity and Infrastructure Security Agency warned that cyber attacks targeting K-12 schools are expected to continue through the 2020 - 2021 school year. Continue Reading

3 reasons why CISOs should collaborate more with CFOs

C-suite may not always understand ROI of security efforts, which is why Nabil Hannan suggests that CISOs work more closely with CFOs to learn how to best communicate security's value. Continue Reading

Building an effective security operations center framework

An effective security operations center framework combines monitoring and analysis platforms and threat intelligence services to help organizations respond to risks quickly. Continue Reading

Zero-trust initiatives rely on incremental security improvements

Despite implementation challenges, enterprise security leaders see zero trust as the security model of the future and are moving forward with adoption plans. Continue Reading

Inbound vs. outbound firewall rules: What are the differences?

Explore the differing roles of inbound versus outbound firewall rules for enterprise network security and the varying use cases for each. Continue Reading

How cloud-based SIEM tools benefit SOC teams

It's time for SIEM to enter the cloud age. Learn about the cloud-based SIEM features that can help SOC teams gain a holistic view of their organization's cloud infrastructure. Continue Reading

FireEye red team tools stolen in cyber attack

While no zero-day exploits were included in the red team tools, FireEye released detection rules and known vulnerabilities to help organizations defend themselves. Continue Reading

Key SOC metrics and KPIs: How to define and use them

Enterprises struggle to get the most out of their security operation centers. Using the proper SOC metrics and KPIs can help. Learn how to define and benefit from them here. Continue Reading

5 myths about putting security into CI/CD pipelines

Companies looking to introduce security testing earlier into software development must look past myths and understand what to realistically expect before creating their strategy. Continue Reading

Practice Certified Ethical Hacker exam questions

Preparing for your Certified Ethical Hacker certification? Assess your knowledge of topics on the CEH exam with these practice test questions. Continue Reading

Forescout reports 33 new TCP/IP vulnerabilities

The lack of consistent updates (and the open source nature of the stacks) make the Amnesia:33 vulnerabilities difficult to fix as well as make it difficult to comprehend the full impact. Continue Reading

New Microsoft Teams RCE vulnerability also wormable

In his GitHub post, researcher Oskars Vegeris discussed Microsoft classifying the vulnerability as 'Important' rather than 'Critical,' despite it being exploitable via RCE. Continue Reading

Ethical hacker career path advice: Getting started

Matt Walker, author of a Certified Ethical Hacker exam guide and practice exam book, offers advice to career hopefuls on the profession, CEH certification and more. Continue Reading

Salesforce advised users to skip Chrome browser updates

Salesforce recommended users dealing with mixed content issues to skip Chrome upgrades or roll back to older versions of the browser, but the vendor later removed those steps. Continue Reading

Pros and cons of an outsourced SOC vs. in-house SOC

Security operations centers have become an essential element of threat detection. Here's how to decide whether to build one in-house or outsource SOC capabilities. Continue Reading

Russian state-sponsored hackers exploit VMware vulnerability

The NSA issued a cybersecurity advisory warning government agencies to mitigate as soon as possible, as the vulnerability was disclosed and patched last week. Continue Reading

7 SecOps roles and responsibilities for the modern enterprise

Now hiring: As organizations increasingly favor proactive cyber threat hunting and detection over bare-bones prevention, SecOps roles and responsibilities are shifting, too. Continue Reading

Counter threats with these top SecOps software options

SecOps tools offer many capabilities to address common threats enterprises face, including domain name services, network detection and response, and anti-phishing. Continue Reading