Security Boulevard

Artifact integrity is crucial in maintaining software security and trustworthiness. High-profile breaches like SolarWinds, CodeCov, 3CX, and JumpCloud have shown how altering artifact contents can lead to significant security vulnerabilities, enabling attackers to infiltrate and compromise software supply chains. This is the first in a series of blog posts about the importance of artifact integrity, ... Read more

The post Securing Artifacts: Keyless Signing with Sigstore and CI/MON appeared first on Cycode.

The post Securing Artifacts: Keyless Signing with Sigstore and CI/MON appeared first on Security Boulevard.

In October 2023, Google announced the launch of kvmCTF, a new vulnerability reward program (VRP) designed to improve the security of the Kernel-based Virtual Machine (KVM) hypervisor. This innovative program comes with bounties of up to $250,000 for full VM escape exploits, marking a significant step in fortifying virtual machine (VM) environments against zero-day vulnerabilities. […]

The post kvmCTF: Google’s $250K Bounty for KVM Zero-Day Vulnerabilities appeared first on TuxCare.

The post kvmCTF: Google’s $250K Bounty for KVM Zero-Day Vulnerabilities appeared first on Security Boulevard.

This Article Insider Risk Digest: July was first published on Signpost Six. | https://www.signpostsix.com/

Welcome to this month’s Insider Risk Digest. This month, we explore a range of insider threats affecting sectors from government to entertainment and pharmaceuticals. Highlights include potential espionage in critical infrastructure projects, a former CIA analyst’s espionage charges, and significant corporate breaches at Disney and Roche. We also examine ethical controversies at OpenAI and organized […]

This Article Insider Risk Digest: July was first published on Signpost Six. | https://www.signpostsix.com/

The post Insider Risk Digest: July appeared first on Security Boulevard.

Two-plus decades of enduring wave after wave of mobile app malware and fraud has finally taken its toll on users.

Now comes a global survey from Appdome and OWASP that reveals the vast majority of consumers are fed up.

I … (more…)

The post Black Hat Fireside Chat: Consumers demand secure mobile apps; it’s high time for brands to deliver first appeared on The Last Watchdog.

The post Black Hat Fireside Chat: Consumers demand secure mobile apps; it’s high time for brands to deliver appeared first on Security Boulevard.

If you’ve landed here, chances are you know just how challenging getting SOC 2 certification can be. Dealing with manual processes, spreadsheets, and endless piles of documentation can feel like a never-ending battle.  I get it—it’s overwhelming and inefficient. In your search for a more streamlined approach, you’re likely looking for a solution beyond SOC […]

The post Best 5 SOC 2 Compliance Software in 2024 appeared first on Centraleyes.

The post Best 5 SOC 2 Compliance Software in 2024 appeared first on Security Boulevard.

As per recent media reports, two Russian nationals have pleaded guilty in a United States (US) court for affiliate participation in the LockBit ransomware attacks. The two individuals part of the LockBit ransomware scheme have been identified as Ruslan Magomedovich Astamirov and Mikhail Vasiliev. In this article, we’ll dive into the details of the plea […]

The post LockBit Ransomware: Two Russians Plead Guilty For Attacks appeared first on TuxCare.

The post LockBit Ransomware: Two Russians Plead Guilty For Attacks appeared first on Security Boulevard.

Stay Safe Online: 5 Essential Tips for World Wide Web Day
josh.pearson@t…
Thu, 08/01/2024 - 07:00

World Wide Web Day is celebrated each year on the first of August, marking the day the Internet was first made available to the public in 1991. The day provides an opportunity to reflect on the web's impact on our lives and to celebrate the creativity and genius of Sir Tim Berners-Lee and the many others who have contributed to its development.

However, it's also a crucial reminder to ensure our online safety. As our digital lives increasingly intertwine with our real-world identities, we leave a trail of personal information on the internet. Cyber threats such as phishing, identity theft, and malware attacks are ever-present dangers that can compromise our privacy and security.

Data Security Identity & Access Management Compliance Insider Threat Andrew Gertz | Senior Manager, Web and Digital Marketing, Thales
More About This Author >

World Wide Web Day is celebrated each year on the first of August, marking the day the Internet was first made available to the public in 1991. The day provides an opportunity to reflect on the web's impact on our lives and to celebrate the creativity and genius of Sir Tim Berners-Lee and the many others who have contributed to its development.

However, it's also a crucial reminder to ensure our online safety. As our digital lives increasingly intertwine with our real-world identities, we leave a trail of personal information on the internet. Cyber threats such as phishing, identity theft, and malware attacks are ever-present dangers that can compromise our privacy and security.

So, as we celebrate World Wide Web Day, let's reflect on the importance of protecting ourselves in the digital landscape and explore five essential tips to secure our personal information.

Weaving a Cyber Safety Net

Having a robust anti-malware solution is vital. As we celebrate the power of the internet to connect people and share information, we must also acknowledge the vulnerabilities that come with this connectivity. Cyber threats like viruses, spyware, and ransomware constantly evolve, posing significant risks to personal data, privacy, and device functionality.

An effective anti-malware solution is a critical defense, safeguarding our digital environments from malicious attacks. By ensuring robust protection against malware, we can enjoy the benefits of the web while maintaining the security and integrity of our online presence.

Two is Better Than One

Two-factor authentication (2FA) is one of the most effective ways to enhance online security. It adds an extra layer of protection to your accounts by requiring two forms of verification before granting access.

Typically, this involves using two of the three common authentication mechanisms: something you know (like a password), something you have (like a smartphone), and something you are (like a fingerprint).

By enabling 2FA, even if a bad actor manages to obtain your password, they will still need the second factor to access your account. Many online services, including email providers, social media platforms, and financial institutions, offer 2FA options. Activating this feature dramatically cuts the risk of unauthorized access and helps safeguard your personal information.

Safeguard Your Digital Self

Your digital identity is a combination of personal information, such as your name, address, birth date, and social security (or another form of government ID) number, used to identify you online. Protecting this information is key to preventing identity theft and fraud.

To protect your digital identity, avoid sharing sensitive information on public forums or social media platforms. Be cautious of unsolicited requests for personal details and verify the source's legitimacy before providing any information.

Remember that attackers are cunning and use clever social engineering techniques to exploit human psychology and manipulate us into giving out confidential information. This trick can often be recognized by unsolicited requests for sensitive data, an urgent tone, or an offer that seems too good to pass up. Follow the rule of thumb that if something looks too good to be true, it is.

Click with Caution

Cybercriminals have many weapons in their arsenal. They use phishing tactics to trick people into clicking on malicious links or opening malware-ridden attachments. Learning to recognize suspicious activity is crucial for protecting yourself online.

Be wary of unexpected emails, messages, or phone calls requesting personal information or urging you to click on a link. Look for red flags such as poor grammar, generic greetings, and unfamiliar sender addresses. If something seems off, verify the authenticity of the communication by contacting the organization directly through official channels.

Understanding common cyber threats can help you identify and avoid scams. Trust your instincts and always err on the side of caution when dealing with unsolicited communications.

Scrub the Cyber Grime

Good cyber hygiene is key. It involves adopting regular practices and habits to maintain the security and health of your online environment. These practices can significantly reduce your vulnerability to cyber threats.

Start by using strong, unique passwords for each of your accounts. Avoid using easily guessable information, such as birthdays or common words, and consider using a mix of letters, numbers, and symbols.

Regularly change your passwords and avoid reusing old ones. Consider using a password manager if you feel you will become overwhelmed with a large number of complex passwords that need to be securely stored and easily accessible. Additionally, it's wise to gradually transition to using passkeys, as more and more service providers support this authentication method.

Keeping your software up to date is vital for maintaining online security. Software updates often include patches for security vulnerabilities that malefactors can exploit. Whether it's your operating system, web browser, or any other application, staying updated ensures you have the latest protections against cyber threats. Enable automatic updates whenever possible to ensure you don't miss critical patches.

Enjoying the Digital World

As we celebrate World Wide Web Day, we must remember the importance of online safety. The internet offers immense benefits, but it also presents significant risks. You can enjoy the digital world by implementing robust solutions, enabling 2FA, protecting your digital identity, updating software regularly, recognizing suspicious activity, and practicing good cyber hygiene while keeping your personal information secure.

Thales offers an extensive portfolio of solutions designed to help you safeguard your digital lives. Its advanced encryption technologies, secure authentication methods, and data protection services ensure that sensitive information remains safe from unauthorized access. Thales' solutions are trusted by businesses worldwide to secure everything from financial transactions to personal communications.

Additionally, Thales integrates Imperva’s robust anti-malware protections, providing an extra layer of security against malicious attacks. Together, these comprehensive security measures empower individuals and companies to protect their digital identities and assets with confidence.

Stay safe, stay informed, and take proactive steps to protect yourself online. Happy World Wide Web Day!

Schema {
"@context": "https://schema.org",
"@type": "BlogPosting",
"headline": "Stay Safe Online: 5 Essential Tips for World Wide Web Day",
"description": "In celebration of World Wide Web Day, Thales shares five essential tips to ensure online safety, covering topics from anti-malware solutions to two-factor authentication and good cyber hygiene.",
"datePublished": "2024-08-01",
"author": {
"@type": "Person",
"name": "Andrew Gertz",
"url": "https://cpl.thalesgroup.com/blog/author/agertz",
"sameAs": "https://www.linkedin.com/in/andrewgertz/"
},
"publisher": {
"@type": "Organization",
"name": "Thales Group",
"description": "The world relies on Thales to protect and secure access to your most sensitive data and software wherever it is created, shared, or stored. Whether building an encryption strategy, licensing software, providing trusted access to the cloud, or meeting compliance mandates, you can rely on Thales to secure your digital transformation.",
"url": "https://cpl.thalesgroup.com",
"logo": "https://cpl.thalesgroup.com/sites/default/files/content/footer/thaleslogo-white.png",
"sameAs": [
"https://www.facebook.com/ThalesCloudSec",
"https://www.twitter.com/ThalesCloudSec",
"https://www.linkedin.com/company/thalescloudsec",
"https://www.youtube.com/ThalesCloudSec"
]
},
"mainEntityOfPage": {
"@type": "WebPage",
"@id": "https://cpl.thalesgroup.com/blog/data-security/stay-safe-online-5-essential-tips"
}
} studio THALES BLOG Stay Safe Online: 5 Essential Tips for World Wide Web Day

August 1, 2024

The post Stay Safe Online: 5 Essential Tips for World Wide Web Day appeared first on Security Boulevard.

In this episode, Tom Eston hosts Jeswin Mathai, Chief Architect at SquareX. This episode is part two of a series featuring SquareX, and Jeswin takes a deeper look into their cybersecurity solutions. Jeswin shares his extensive experience in the field and details how SquareX offers innovative protections at the browser level to guard against phishing […]

The post How SquareX is Redefining Web Security: An In-Depth Discussion with Chief Architect Jeswin Mathai appeared first on Shared Security Podcast.

The post How SquareX is Redefining Web Security: An In-Depth Discussion with Chief Architect Jeswin Mathai appeared first on Security Boulevard.

The FCC is running a new cybersecurity pilot program that will help eligible schools and libraries pay for a variety of cybersecurity investments.

The post How to spot signs of ransomware in your school district appeared first on ManagedMethods Cybersecurity, Safety & Compliance for K-12.

The post How to spot signs of ransomware in your school district appeared first on Security Boulevard.

U.S. ports, shipping companies and critical pipelines have repeatedly sustained cyberattacks, with increasing severity and consequences.

The post Maritime Cybersecurity: Avoiding the Next DALI  appeared first on Security Boulevard.

Federated learning enables better fraud detection while simultaneously guaranteeing data privacy and security, aligning with our common needs.

The post Join the Fight: Calling Fintech Leaders to Unite With Federated Learning for Superior Fraud Detection appeared first on Security Boulevard.

Microsoft acknowledged a service disruption that affected a range of its cloud services on July 30, 2024. The incident, which spanned from 11:45 UTC to 19:43 UTC, saw customers globally experiencing difficulties connecting to services such as Azure App Services, Application Insights, and the Azure portal, among others. The unexpected surge in usage was attributed […]

The post Breaking News: Microsoft Azure Faces Service Disruption Amidst DDoS Attack appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks..

The post Breaking News: Microsoft Azure Faces Service Disruption Amidst DDoS Attack appeared first on Security Boulevard.

Software development is as dynamic as it is challenging, so understanding what goes into your applications is more crucial than ever. As usage of open source continues to grow, so does the complexity in ensuring software components are secure, compliant, and of high quality.

The post Evolving development with software composition analysis and software bills of materials appeared first on Security Boulevard.

In the early hours of Friday, July 19th, airline flights were halted, hospitals couldn’t serve patients, and critical infrastructure was disrupted—all because of a security software update gone wrong. Systems

Read More

The post Understanding the Impact of the CrowdStrike Event appeared first on Axio.

The post Understanding the Impact of the CrowdStrike Event appeared first on Security Boulevard.

Allure Security recently collaborated with the Jack Henry to create a new integration for the Jack Henry Banno banking platform to increase financial institutions’ security against online brand impersonation, phishing, and account takeover scams targeting institutions and their patrons. The integration is now available to customers of both Jack Henry Banno and Allure Security.  Built […]

The post New Jack Henry Banno Integration from Allure Security Strengthens Security Against Phishing and Online Impersonations first appeared on alluresecurity.

The post New Jack Henry Banno Integration from Allure Security Strengthens Security Against Phishing and Online Impersonations appeared first on Security Boulevard.

A recent leak may have exposed sensitive information related to Taylor Swift’s concert tickets. This incident is directly connected to the data breach that occurred on TicketMaster a few weeks ago. A New Data Package Surfaces on the Dark Web Following TicketMaster Breach This new leak emerged following the TicketMaster incident. The threat actor known …

The post Taylor Swift Ticket Leak: A Potential Threat from the Recent TicketMaster Breach appeared first on Security Boulevard.

Authors/Presenters:Xhani Marvin Saß, Richard Mitev, Ahmad-Reza Sadeghi

Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organizations strong commitment to Open Access. Originating from the conference’s events situated at the Anaheim Marriott; and via the organizations YouTube channel.

Permalink

The post USENIX Security ’23 – Oops..! I Glitched It Again! How to Multi-Glitch the Glitching-Protections on ARM TrustZone-M appeared first on Security Boulevard.

A DDoS attack cause outages of such Microsoft services as Azure, Microsoft 365, and Outlook, but an implementation error in the company's defenses made the situation worse, the IT giant said.

The post Microsoft: DDoS Attack on Azure Services Exacerbated by Defense Error appeared first on Security Boulevard.

|less — In Detection Engineering and Threat Hunting, quality beats quantity every time.

|more — If the title of this blog posts brings a smile to your face, chances are we have a lot in common. Back in my day, OS/2 Warp was one of the coolest operating systems around, TokenRing networks were the go-to topology, Lotus 1–2–3 was a “killer-app”, and TikTok was just the sound that clocks made.

This may feel a bit like another Boomer rant (maybe it is), but in today’s age of hyper-consumerism, we’ve normalized the expectation that tens, hundreds, sometimes even thousands of choices are available to us when we’re looking for a solution to any given problem. Whilst I’m not advocating for the polar-opposite, I do find, at least for myself, this can prompt a bit of ‘analysis-paralysis’.

This tendency is in our nature as humans; given options, we’re inclined to spend cycles going through them all and performing a mental |diff -u.
If it is just me, shopping for the latest gadget, I can spend a somewhat unlimited amount of time ‘researching’ and diving deep in the weeds on things with no truly negative effect. However, if I’m at the supermarket and presented with similar options, my significant-other would not be pleased if I spent two hours trying to choose between store-bought, name-brand domestic, and exotic imported goods.

When it comes to building or consuming new detection rules for our SIEM or queries and searches for Threat-Hunting, our manager will be less than pleased if we were to again fall prey to the same paralytic behavior.

The question is — how many detections are enough detections? If you really think about it, you can only deploy so many detections in your SIEM/EDR
(x number of) before you either hit a hard-coded limit, you hit a wall in terms of system performance, bringing the system down (and giving you unlimited time off…) , or you overwhelm your SOC Analysts.

Either way, you’re not accomplishing your task and so again, your manager will be less than pleased. So, in answering the question of — how many detections are enough detections -we might conclude the correct answer is the one(s) that actually work well (we’ll cover ‘just the ones that you need/fill in the gaps’ in a future episode).

Now, this would appear to be an overly obvious statement but how do we truly know which detections will actually work and work well? For us to do that, we really need to define what we mean by ‘detections that actually work’ and ‘detections that work well’.

For us (and hopefully you), ‘detections that work’ trigger on true-positive events and ‘detections that work well’ trigger those alerts in a manageable, actionable, and repeatable way.

Again, that seems basic, yet most detections we run across have never been truly tested, let alone gone through a standardized process for creation. This tends to lead to bloat in our deployed detections and our workflow (or an increase in cycles as we go about evaluating and refining those detections).

So, what can be done about that?

Detections That Work

Well, here at SnapAttack, our Threat Detection platform and in-house Purple Team have developed both standardized processes and tooling for creating detections which are tested from the start. We do this by creating detections directly off events which have been captured as part of a Sandbox exercise, which we call Threat Sessions.

Figure A — Sandbox Threat Session

During these Sandbox exercises, our in-house Purple Team reproduces malicious activity to capture all the events, log files, keystrokes, and video. From here, they use this research data to A) create new detections based directly off those malicious events which were captured in the Sandbox exercise and B) use this data to re-test both new and old detections so identify which ones trigger on true-positive events.

Figure B — Sandbox-Tested Validated Detection

Ultimately, this empowers the SnapAttack team to produce better detections more quickly and enables the platform to indicate which detections, from SnapAttack’s growing library of pre-written rules and queries, “actually work”.

Detections That Work Well

Now I know what you’re thinking, “Detections that trigger on way too many things, even if they are ‘true positives’, aren’t that useful”. We agree; noisy detections are not detections that “work well”. It is for this reason that the SnapAttack platform also incorporates, what we call, ‘Detection Confidence’, which is a way to programmatically, and proactively, test and measure how noisy a specific detection is in your unique production environment, not some test lab.

Figure C — Confidence Tailoring Dashboard

By running all of our detections as a search against your existing events and data, a process that we call ‘Confidence Tailoring’, our platform is essentially “ranking” the performance of each detection, so that consumers of the detection library know exactly how a piece of detection content will perform in their own environment without having to embark upon a tedious and time-consuming testing process.

Conclusion

So, the next time you’re looking for detections, start by asking “if the detections actually work” and “if they work well”; chances are the answer will be ‘More or Less’.

Of course, there’s a lot more that goes into creating Validated, High Confidence Detections but I hope this gives you some ideas on what to consider when reviewing a repository of detections and I hope that helps you see why, in Detection Engineering, Less is More…|more or |less .

If any of this sounds even remotely interesting —
please reach out for a demo of our platform today!

We’d love to show you exactly how we can help you detect more threats faster with SnapAttack.

Platform | SnapAttack

Book a Demo with SnapAttack

Less is More…|more or |less was originally published in SnapAttack on Medium, where people are continuing the conversation by highlighting and responding to this story.

The post Less is More…|more or |less appeared first on Security Boulevard.

Join us to confront confusion over responsibilities and risks, and discover bold strategies to secure SaaS. Empower your CISO, security team, and application owners with actionable insights.

The post State of SaaS Security Report 2024: Key Findings & Tips from Deployments at Scale appeared first on AppOmni.

The post State of SaaS Security Report 2024: Key Findings & Tips from Deployments at Scale appeared first on Security Boulevard.