Cybersecurity Articles

Microsoft report highlights Mac ransomware threats and techniques

Microsoft has released new details on Mac ransomware threats, techniques and provided guidance on how to protect networks and systems from ransomware attacks.

Microsoft report highlights Mac ransomware threats and techniques Read More »

Cuba ransomware attacks on the rise with new exploits

The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have released a joint Cybersecurity Advisory (CSA) with new details regarding Cuba Ransomware attacks.

Cuba ransomware attacks on the rise with new exploits Read More »

Microsoft: Attackers are increasingly using token theft in cyberattacks to bypass MFA

The Microsoft Detection and Response Team (DART) has spotted an increase in attackers using token theft in the cloud to compromise corporate systems while bypassing multi-factor authentication (MFA) and other authentication controls.

Microsoft: Attackers are increasingly using token theft in cyberattacks to bypass MFA Read More »

Palo Alto Networks: Network Security Trends report highlights common RCE vulnerability exploits against web apps

Palo Alto Networks Unit 42 researchers released a new report “Network Security Trends” that highlights how attackers are exploiting remote code execution (RCE), cross-site scripting (XSS), traversal and information disclosure vulnerabilities in multiple vendor products.

Palo Alto Networks: Network Security Trends report highlights common RCE vulnerability exploits against web apps Read More »

cyber security, internet, hacking-3400555.jpg

DevSecOps best practices to secure cloud-native and microservices-based applications

The National Institute of Standards and Technology (NIST) has issued the NIST SP 800-204C “Implementation of DevSecOps for a Microservices-based Application with Service Mesh.” The guidelines include many best practices on how organizations and secure their CI/CD pipeline and enhance the software delivery processes.

DevSecOps best practices to secure cloud-native and microservices-based applications Read More »

Microsoft: New analysis of Exchange Server vulnerabilities and cyberattacks

Microsoft has published new detailed analysis of Exchange Server vulnerabilities, cybercriminal groups and post-compromise second stage attack malware. In addition, the tech giant offered sound mitigation guidance.

Microsoft: New analysis of Exchange Server vulnerabilities and cyberattacks Read More »

3 good examples of how to apply the Zero Trust Security Model

The National Security Agency (NSA) has released new guidelines on the Zero Trust Security Model, a coordinated system management strategy that removes implicit trust in any one system or service and assumes breaches will or have already occurred.

3 good examples of how to apply the Zero Trust Security Model Read More »