-
Data Security
Mar 03, 2016
Penetration Testing Explained, Part VII: Exfiltration and Conclusions
This article is part of the series "Penetration Testing Explained". Check out the rest: Part I: Risky Business; Part II: RATs!; Part III: Playing with RATs and Reverse Shells; Part IV: Making the Lateral Move; Part V: Hash Dumping and Cracking; Part VI: Passing the Hash; Part VII: Exfiltration and Conclusions
Michael Buckbee
4 min read
-
Security Bulletins
Feb 24, 2016
DatAlert Analytics and the Varonis Behavior Research Laboratory
Last November, we introduced Varonis UBA threat models to automatically analyze behavior and detect insider threats throughout the lifecycle of a breach. Our UBA threat models, which are major enhancements to Varonis DatAlert and are in beta availability, have been helping our customers protect their data – from spotting signs of ransomware activity to catching unusual activity on sensitive data.
Michael Buckbee
1 min read
-
Data Security
Feb 17, 2016
Entrepreneurial RATs: AlienSpy and TaaS (Trojans as a Service)
When I wrote about Remote Access Trojans (RATs), I thought they were like the mousetraps of the hacking world — it’s hard to improve on.
Michael Buckbee
2 min read
-
Data Security
Feb 09, 2016
Lessons from the Malware Museum
If you haven’t already seen Mikko Hypponen’s collection of vintage malware at the Internet Archive, take the time for a brief tour. If you’re on a lunch hour, it’s also worthwhile to hear Mikko’s talk on how malware has evolved from its primitive roots.
Michael Buckbee
2 min read
-
Data Security
Feb 05, 2016
New Updates to the CIS Critical Security Controls
If you haven’t already heard, the Top 20 Critical Security Controls has a new name. Last year, after the Center for Internet Security (CIS) integrated with the Council on Cybersecurity, the controls are now referred to as the (CIS) Critical Security Controls.
Michael Buckbee
5 min read
-
Data Security
Jan 21, 2016
Social Engineering Remains a Top Cybersecurity Concern
In 2016, the top cyberthreat for IT pros, at least according to ISACA’s Cybersecurity Snapshot, is social engineering. It has always been a classic exploit amongst the hackerati. But in recent years it has become a preferred entry technique.
Michael Buckbee
3 min read
-
Data Security
Jan 18, 2016
Current Privacy Risks in Genetic Testing
The idea of taking a direct-to-consumer (DTC) genetic test is intriguing. What was once considered an expensive test that could only be performed in a medical environment can now be purchased by consumers for as little as $100.00 and administered in the home. Simply spit your saliva into a tube, mail it to the lab, and within 6-8 weeks, your results will be ready to view online! It’s exciting to live in a time where new technologies have such an enormous influence in improving our quality of life.
Michael Buckbee
3 min read
-
Data Security
Jan 10, 2016
Varonis Seven Part Guide to Penetration Testing
Our sprawling pen-testing series has taken on a life of its own! For your convenience and blog reading pleasure, we’ve assembled all the links to this seven-part series below.
Michael Buckbee
1 min read
-
Data Security
Jan 06, 2016
Penetration Testing Explained, Part VI: Passing the Hash
This article is part of the series "Penetration Testing Explained". Check out the rest: Part I: Risky Business; Part II: RATs!; Part III: Playing with RATs and Reverse Shells; Part IV: Making the Lateral Move; Part V: Hash Dumping and Cracking; Part VI: Passing the Hash; Part VII: Exfiltration and Conclusions
Michael Buckbee
2 min read
-
Data Security
Jan 05, 2016
Varonis and the Building Security in Maturity Model (BSIMM)
With major security threats and vulnerabilities making headlines daily, it’s good to hear there’s now a way for organizations to share experiences and strategically work together. Through the Building Security in Maturity Model (BSIMM), the security efforts of 78 firms – including familiar brands such as HSBC, Citigroup, Fannie Mae, and Aetna – were surveyed and presented to the IT community for free. Companies can compare and benchmark their own security initiatives against these results. Of course, it’s completely up to you and your organization to decide which BSIMM actions to take.
Michael Buckbee
6 min read
-
Data Security
Jan 04, 2016
Data Security’s Tower of Jenga
Over the holiday break, I had a chance to see “The Big Short”, the movie based on Michael Lewis’s book about the housing bubble. Or more accurately, about how a group of Wall Street outcasts saw clear signs the mortgage market was heading for a fall. Interestingly, none of the financial clues were a secret.
Michael Buckbee
3 min read
-
Privacy & Compliance
Dec 11, 2015
What is the EU General Data Protection Regulation?
Table of Contents: DPD 2.0; GDPR Vocabulary; Articulating the Articles; More Articles: The New Stuff; Focus Your GDPR Compliance. Note: This post now reflects the final version of the EU GDPR.
Michael Buckbee
7 min read