Security

The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

12 mobile device features that help ensure corporate data security

Our hearts might skip a beat every time we put our hands in our pocket and can’t find our mobile phone, and we’re filled with dread at the thought of losing the device that contains our personal photos and the corporate data saved on it. But just misplacing a device is not how we put corporate data at risk; small actions in our day-to-day lives can have a major impact on the safety of the corporate data on our devices.

Web browser security. Is it really safe?

If there is still a reason why you have a post-it covering the webcam of your laptop, if you have not yet had the audacity to delve into the deep web despite all the mysteries they say it contains, if you only enter the Internet in incognito mode, sitting in your armchair with a blindfold, then you’re worried about one thing: safety. Today, in our blog, we will discuss Web browser security. Which are the safest? Is there life beyond Google Chrome?

The importance of event correlation techniques in SIEM

Event correlation tools are a fundamental instrument in your toolbox to detect threats from all sources across your organization in real time. A wise use of the right event correlation techniques through log management and analysis is the cornerstone of any reliable security information and event management (SIEM) strategy – a strategy that focuses on prevention rather than reaction.

Combating threats with UEBA: Money matters

In this four-part series, we explore hypothetical cyberattacks inspired by real-life events in four different industries: healthcare, finance, manufacturing, and education. We’ll take a look at unforeseen security attack scenarios, and discover how user and entity behavior analytics (UEBA) can be leveraged to safeguard organizations. In this second post of the series, we’ll examine cyberattacks that threaten the financial sector.

How Log Analytics Improves Your Zero Trust Security Model

Over the past few years, cloud computing has passed through its hype and early-adopter phases. Now we are hitting the peak of migration from on-premise to cloud-based infrastructure. Consequently, this transition and the advent of cloud computing have dramatically changed the way we think about security. Namely, the security paradigm has shifted towards a Zero Trust Security Model.

Formjacking - How it can Affect your Ecommerce Site

Data theft or data skimming is not a new problem; it has probably been happening since the birth of the paper form. Today is no different: it is still around and happening on a much wider scale, leveraging the internet and the proliferation of online shopping. A popular modern tactic for data skimming is called formjacking. Not heard of it? Formjacking enables organised criminals to steal sensitive customer data as it is entered into an ecommerce shop. To the end user, this process is invisible.

How to detect CVE-2019-14287 using Falco

A recent flaw, CVE-2019-14287, has been found in sudo. In this blog post, we are going to show you how to use Falco or Sysdig Secure to detect any exploit attempts against this vulnerability. sudo allows users to run commands with other user privileges. It is typically used to allow unprivileged users to execute commands as root. The issue exists in the way sudo has implemented running commands with an arbitrary user ID in versions earlier than 1.8.28.

More Android malware and another iOS exploit: How to safeguard your devices?

The past few months have seen both Android and iOS fall prey to various security attacks, with more malware attacks and exploits being uncovered on a daily basis. First, let’s look at the newest zero-day Android vulnerability. This vulnerability leverages the “use-after-free” memory flaw to wreak havoc on mobile devices. In layperson terms, the use-after-free flaw allows access to memory recently freed (after performing some operation) to execute malicious code.