Featured Content
-
Jun 19, 2020
GDPR Data Breach Guidelines
Index Personal Data Breach vs. Reportable Breach Notifying the Regulators Breach Notification and Ransomware Individual Reporting Breach Notification in Phases Notification Details This Is Not Legal Advice The General Data...
Michael Buckbee
8 min read
-
Jun 19, 2020
A Few Thoughts on Data Security Standards
Did you know that the 462-page NIST 800-53 data security standard has 206 controls with over 400 sub-controls1? By the way, you can gaze upon the convenient XML-formatted version here....
Michael Buckbee
3 min read
-
Jun 19, 2020
More NSA Goodness: Shadow Brokers Release UNITEDRAKE
Looking for some good data security news after the devastating Equifax breach? You won’t find it in this post, although this proposed federal breach notification law could count as a...
Michael Buckbee
2 min read
-
Jun 19, 2020
Do Your GDPR Homework and Lower Your Chance of Fines
Advice that was helpful during your school days is also relevant when it comes to complying with the General Data Protection Regulation (GDPR): do your homework because it counts for...
Michael Buckbee
3 min read
-
Jun 19, 2020
Interview With Wade Baker: Verizon DBIR, Breach Costs, & Selling Boardrooms on Data Security
Wade Baker is best known for creating and leading the Verizon Data Breach Investigations Report (DBIR). Readers of this blog are familiar with the DBIR as our go-to resource for...
Michael Buckbee
14 min read
-
Jun 19, 2020
DNSMessenger: 2017's Most Beloved Remote Access Trojan (RAT)
I’ve written a lot about Remote Access Trojans (RATs) over the last few years. So I didn’t think there was that much innovation in this classic hacker software utility. RATs, of...
Michael Buckbee
2 min read
-
Jun 17, 2020
Varonis Exposes Global Cyber Campaign: C2 Server Actively Compromising Thousands of Victims
The Varonis Security Research team discovered a global cyber attack campaign leveraging a new strain of the Qbot banking malware. The campaign is actively targeting U.S. corporations but has hit networks...
Dolev Taler
4 min read
-
Jun 17, 2020
How to Protect GDPR Data with Varonis
In the overall data security paradigm, GDPR data isn’t necessarily more important than other sensitive data, but demands specific monitoring, policy, and processing – with significant fines to encourage compliance....
Michael Buckbee
3 min read
-
Jun 17, 2020
Adventures in Fileless Malware, Part II: Sneaky VBA Scripts
I’m a fan of the Hybrid Analysis site. It’s kind of a malware zoo where you can safely observe dangerous specimens captured in the wild without getting mauled. The HA...
Michael Buckbee
5 min read
-
Jun 17, 2020
Wyden’s Consumer Data Protection Act: Preview of US Privacy Law
The General Data Protection Regulation (GDPR) has, for good reason, received enormous coverage in the business and tech press in 2018. But wait, there’s another seismic privacy shift occurring, and...
Michael Buckbee
4 min read
-
Jun 17, 2020
Koadic: Security Defense in the Age of LoL Malware, Part IV
One of the advantages of examining the gears inside Koadic is that you gain low-level knowledge into how real-world attacks are accomplished. Pen testing tools allow you to explore how...
Michael Buckbee
5 min read
-
Jun 17, 2020
MITRE ATT&CK Framework: Everything You Need to Know
The MITRE ATT&CK matrices are an invaluable resource for cybersecurity pros. Read on to learn more about ATT&CK tactics and techniques.
Michael Buckbee
6 min read