News
-
AT&T teams with Cisco to create new managed SASE offering
Whether organizations call it digital transformation or just using technology to create opportunities for new, easier ways to work, one thing is certain. Businesses increasingly need to find simpler ways to securely build and manage new kinds of connections that support an era of: frustration-free hybrid work; meaningful collaboration; anywhere, anytime access to application data;…
-
What to Do If You’re Caught Up in a Data Breach
It happens with more regularity than any of us like to see. There’s either a headline in your news feed or an email from a website or service you have an account with—there’s been a data breach. So what do you do when you find out that you and your information may have been caught…
-
Israeli newspapers targeted by hackers on anniversary of Iranian general’s assassination
The Jerusalem Post says that its website was defaced on Monday, and pointed the blame at pro-Iranian hackers who they said posted an illustration depicting a ballistic missile being launched at an exploding nuclear facility in Dimona.
-
New Hardened macOS 11 & 10.15 VMs in AWS Marketplace
Apple users rejoice! CIS Hardened Images for macOS Big Sur (11) and Catalina (10.15) are now available in Amazon Web Services (AWS) Marketplace. These CIS Hardened Images are the first independently-developed offering for macOS Amazon machine images (AMIs) in AWS Marketplace. CIS Hardened Images, pre-configured virtual machine images, provide an additional layer of security to…
-
Technology’s contributions toward safety in healthcare
This blog was written by an independent guest blogger. Technology in healthcare has the potential to make all the difference in terms of safety outcomes. Right now, modern tech is pushing the envelope of what is possible in the doctor’s office and the patient’s home, as telehealth and artificial intelligence transform the landscape of medical…
-
NSA Guidance: Zero Trust Applied to 5G Cloud Infrastructure contd: Parts 3 and 4
Part 2 of a 2-part series. By: Kathleen M. Moriarty, CIS Chief Technology Officer and active participant in the Critical Infrastructure Partnership Advisory Council (CIPAC) Cross Sector Enduring Security Framework (ESF) Working Group. “Security Guidance for 5G Cloud Infrastructures” is a series of four documents intended to help secure cloud environments. It’s been created as…
-
The Internet is for Everyone to Enjoy—We’re Helping See to It
The internet is meant for all to enjoy. And that’s who we’re looking out for—you and everyone who wants to enjoy life online. We believe it’s important that someone has your back like that, particularly where some of today’s hacks and attacks can leave people feeling a little uneasy from time to time. You’ve probably seen stories about data breaches at big companies pop up in your news feed. Or perhaps you or someone you know had their debit or credit card number hacked. Problems…
-
Happy 12th Birthday, KrebsOnSecurity.com!
KrebsOnSecurity.com celebrates its 12th anniversary today! Maybe “celebrate” is too indelicate a word for a year wracked by the global pandemics of COVID-19 and ransomware. Especially since stories about both have helped to grow the audience here tremendously in 2021. But this site’s birthday also is a welcome opportunity to thank you all for your…
-
Manual and semi-automated testing for IDORs using Burp Suite
This blog was written by an independent guest blogger. This article explores how you can locate Insecure direct object references (IDORs) using Burp Suite. Primarily, there are two ways to test the IDOR flaw, manual and semi-automated. For automation, this article focuses on the Autorize Plugin in Burp Suite. What are Insecure Direct Object References…
-
What’s the Difference Between Identity Fraud and Identity Theft?
What’s the difference between identity fraud and identity theft? Well, it’s subtle, so much so that it’s easy to use them nearly interchangeably. While both can take a bite out of your wallet, they are different—and knowing the differences can help you understand what’s at stake. Let’s start with an overview and a few examples of…