Access Keys: An Unintended Backdoor-by-Design to Azure Storage Accounts Data
August 10, 2021Learn the importance of understanding the assignments of Azure resource roles when giving permissions.
Unpacking the U.S. National Security Memorandum on Improving Cybersecurity for Critical Infrastructure
August 4, 2021Recent activity from the Biden Administration represents a watershed moment in the establishment of baseline standards for preparing, mitigating and responding to attacks that impact the critical infr...
The AWS Shared Responsibility Model: Everything You Need to Know
August 2, 2021What the shared responsibility model means, its many challenges & how to protect your cloud infrastructure.
Focus on the Fundamentals: 6 Steps to Defend Against Ransomware
July 21, 2021Ransomware is the monetization of poor cyber hygiene. Here are 6 steps you can take to improve your security defenses. Ransomware attacks have become a boardroom issue for nearly every organization...
AWS Resource Provisioning with Attribute Based Access Control (ABAC): What You Need To Know
July 19, 2021ABAC offers highly dynamic control of the actions that principals can perform on resources, however there are some things you need to pay attention to when using ABAC in order to avoid unnecessary security gaps.
CVE-2021-34527: Microsoft Releases Out-of-Band Patch for PrintNightmare Vulnerability in Windows Print Spooler
July 7, 2021Microsoft issues an out-of-band patch for critical ‘PrintNightmare’ vulnerability following reports of in-the-wild exploitation and publication of multiple proof-of-concept exploit scripts Update Jul...
The Importance of Identity and Access Management (IAM) in Cloud Infrastructure
July 7, 2021How to manage human and service identities, and their entitlements, to secure your cloud infrastructure.
Elon Musk and YouTube Advertising Scams: Fake SpaceX “Coin” Promoted in Ads During Cryptocurrency Videos
June 24, 2021Scammers are on pace to steal nearly $1 million USD from unsuspecting users through a popular decentralized finance protocol, Uniswap, by abusing YouTube to promote a fake SpaceX coin as part of ads a...
10 Reasons Why Websites STILL Get Hacked
June 21, 2021Even with all of the cybersecurity solutions on the market today, websites are still getting hacked by attackers. Find out how your organization could be exposed to hackers
Configuring The Ports That Nessus Scans
June 21, 2021When only select ports require scanning, use these easy steps to define themWhen assessing targets with a network scanner like Nessus, a common question is "How do I control the ports that Nessus test...
Why Privileged Access Management (PAM) Fails Cloud Infrastructure…and What to do About it
June 20, 2021PAM, its challenges for AWS, GCP and Azure environments — and CIEM as a solution.
False Negatives in Attack Surface Mapping
June 10, 2021Attack surface mapping tools can miss assets for a wide variety of reasons. Here we list 15 such scenarios, including a broken DNS server, the use of round-robin DNS and ephemeral infrastructure.