Phishing and Ransomware: Connecting the Dots!
Phishing and ransomware. Ransomware and phishing. The two are inextricably connected and are now often chained together as the most potent exploit tools in a cybercriminal’s arsenal.
The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.
Phishing and ransomware. Ransomware and phishing. The two are inextricably connected and are now often chained together as the most potent exploit tools in a cybercriminal’s arsenal.
Many threats originate from the endpoint and detecting them requires insights into what happens on the endpoint. In this post we look at different endpoint activity data sources, comparing the benefits and capabilities of Splunk Universal Forwarder with vast limits uberAgent and homegrown solutions.
If you’re a Facebook user, brace yourself for this one. It’s recently come to light that 533 million Facebook users’ details were found on a very suspicious hacker forum. The details found include users’ phone numbers, Facebook IDs, full names, locations, birthdays, and email addresses – all typical information that is stored on a Facebook account.
At CircleCI, we care about security - in 2018, we became the first CI/CD tool to meet the rigorous security and privacy standards required by government agencies to get FedRAMP authorized. Now, CircleCI is SOC 2 certified, adding another industry-recognized security accreditation.
In my last post we looked at the structure of AWS IAM policies and looked at an example of a policy that was too broad. Let's look at a few more examples to explore how broad permissions can lead to security concerns. By far the most common form of broad permissions occurs when policies are scoped to a service but not to specific actions.