New cybersecurity sheets from CISA and NSA: An overview

The Cybersecurity and Infrastructure Security Agency (CISA) and National Security Agency (NSA) have recently released new CSI (Cybersecurity Information) sheets aimed at providing information and guidelines to organizations on how to effectively secure their cloud environments. This new release includes a total of five CSI sheets, covering various aspects of cloud security such as threat […]

The post New cybersecurity sheets from CISA and NSA: An overview appeared first on Security Intelligence.

Continue reading New cybersecurity sheets from CISA and NSA: An overview

How Morris Worm Command and Control Changed Cybersecurity

A successful cyberattack requires more than just gaining entry into a victim’s network. To truly reap the rewards, attackers must maintain a persistent presence within the system. After establishing communication with other compromised network devices, actors can stealthily extract valuable data. The key to all this is a well-developed Command and Control (C2 or C&C) […]

The post How Morris Worm Command and Control Changed Cybersecurity appeared first on Security Intelligence.

Continue reading How Morris Worm Command and Control Changed Cybersecurity

How Network Segmentation Can Protect Supply Chains from Ransomware Attacks

Organizations can take various steps to protect their operational technology (OT) environments against digital threats. But some stand out more than others. In particular, network segmentation is described as “the first answer to insufficient ICS (Indu… Continue reading How Network Segmentation Can Protect Supply Chains from Ransomware Attacks

Security in the Age of Increasing Cyberattacks

In June 2021, I was discussing with a colleague why, despite all the discourse about security, we continue to read about cybersecurity attacks. On that same day, the Belgian city of Liege announced that it had been the victim of a ransomware attack. D… Continue reading Security in the Age of Increasing Cyberattacks

Automated Network Segmentation is a Security Service Away

Network segmentation is a practice as old as Ethernet. Though it was originally a practice to limit broadcast domains, as the number of connected devices and environments grew, the applicability of segmentation became a staple practice for security, a… Continue reading Automated Network Segmentation is a Security Service Away

Critical Cisco ‘CDPwn’ Protocol Flaws Explained: Podcast

The researcher behind the five critical Cisco flaws, collectively called CDPwn, talks about why Layer 2 protocols are under-researched when it comes to security vulnerabilities. Continue reading Critical Cisco ‘CDPwn’ Protocol Flaws Explained: Podcast

How to Protect Your Business from Ransomware

After a series of ransomware attacks hit cities last year, finally some good news: Las Vegas was able to stop a ransomware cyber-attack in its tracks. When the cyber-attack was detected, the city responded by taking down its computer network to investi… Continue reading How to Protect Your Business from Ransomware

How to Position the Enterprise for Zero Trust Success

“Zero Trust” may seem like a buzzword to some, but it’s a hot topic for a good reason. Most companies inevitably will adopt some form of the security strategy at some point, now that the workforce is evolving to favor remote work and branch offices. T… Continue reading How to Position the Enterprise for Zero Trust Success

Just Patch Already… It’s Not that Easy

We’ve all heard it before, “Just patch all the things and you’ll be perfectly fine” and there’s a lot of truth to this statement; it’s also extremely shortsighted. If you’re working in a large enterprise or an … Continue reading Just Patch Already… It’s Not that Easy

Feds: Cyberattack on NASA’s JPL Threatened Mission-Control Data

Rampant security-operations bungling allowed cyberattackers to infiltrate JPL’s network, which carries human mission data. Continue reading Feds: Cyberattack on NASA’s JPL Threatened Mission-Control Data