Featured content

Simply put, network segmentation is the act of dividing a computer network into smaller physical or logical components.

Phishing attacks. They’re ubiquitous, easy to carry out, and at the root of some of the most devastating cyberattacks in history. Phishing is a type of social engineering attack, employing deceit and coercion to trick a user into revealing sensitive information or downloading malware. Those pesky fake emails pretending to be from your bank might seem like a mere annoyance, but phishing has very real implications for companies, governments, and other types of organizations. In fact, Verizon’s 2021 Data Breach Investigation Report (DBIR) lists phishing as the most common tactic seen in confirmed breaches. According to Symantec, one in 2,000 emails are phishing attacks, which means there are 135 million phishing attacks every day [1].

“Take the CISO job,” they said. “It’ll be great,” they said.

Imagine if everyone with an Amazon Echo in their home had to assume it’s been unlocking their doors and letting a thief inside for the past 6 months. How would you figure out what’s missing if they copied your keys, your hard drives, or whatever is in your file cabinet, poisoned your water supply?

This post will cover how to connect PowerShell to Office 365 (Azure Active Directory (Azure AD)), which manages Microsoft 365 tenant identities and licenses. I will also cover connecting to other services and products in Microsoft 365, such as Exchange, SharePoint, and Microsoft Teams.

Malware Overview This Malware Trends Report – November 2020 is a monthly round-up from the Varonis Forensics Team documenting activity observed while responding to incidents, performing forensics, and reverse engineering malware samples. This report is intended to help you better understand the evolving threat landscape and adapt your defenses accordingly.

A port scanner is a computer program that checks network ports for one of three possible statuses – open, closed, or filtered.

Role-Based Access Control (RBAC) is a security paradigm whereby users are granted access to resources based on their role in the company. RBAC, if implemented correctly, can be an effective way of enforcing the principle of least privilege.

Emotet, Trickbot, Maze, Ryuk, and now Netwalker ransomware— cybercrime has increased exponentially in the last year. Ransomware has been a serious plight across industries big and small, public and private, with no sign of letting up.

Financial services organizations must safeguard tons of highly sensitive information, but data is often left exposed to far too many people. If just one employee clicks on a phishing email, attackers will move into action fast – and they’ll be able to copy, change, encrypt or delete any files the victim can touch. Pretty scary, huh?

Unstructured data governance can be a chaotic mess. A new employee has access to 17,000,000 files the moment they walk in the door. Unmanaged data access represents a considerable risk to data security, which is why we built DataPrivilege and invented a methodology to define data owners to address this risk.

An incident response plan ensures that in the event of a security breach, the right personnel and procedures are in place to effectively deal with a threat. Having an incident response plan in place ensures that a structured investigation can take place to provide a targeted response to contain and remediate the threat.