Two-Thirds of Organizations Were Hit by a Ransomware Attack Last Year
In SpyCloud’s Ransomware Defense Report, its annual survey of CISOs or Chief Information Security Officers and heads of IT security from Canada, the UK, and US they found that that security teams are starting to lose hope that they can
How CASB Solutions are Improving Cloud Security
Cloud access security brokers (CASBs) are on-premises, or cloud-based security policy enforcement points, typically placed between cloud service consumers and their cloud service providers (CSB). The solutions often combine and add enterprise security policies when cloud-based resources are accessed. Further,
Nearly 50% Of Businesses Had a Cloud-Based Data Breach or Failed Audit
In the 2022 Thales Global Cloud Security Study, commissioned by Thales and conducted by 451 Research, reported that 45% of businesses it surveyed have experienced a cloud-based data breach or failed audit in the past 12 months, up 5% from
Assessing and Mitigating the Log4j Vulnerability
A Vulnerability Management Case Study Authors of this blog post include Subramani Sundar- Director, Threat & Vulnerability Management, Tamika Miyashita- Security Project Manager, Tanveer Chowdhury- Security Manager, & Peter Bellarmine - Lead Security Engineer This is the 3rd blog post we have
Lessons Learned in Defending Against the Log4j Vulnerability – A Case Study
Authors of this Blog Post include SecureOps Employees - Michal Kavan, SOC Director - Andrew Morrison, SOC Manager and Alejandro Perez, Sr. SOC Analyst In December, several Log4j vulnerabilities also known as Log4shell or LogJam in many of the IT security
The Log4j Vulnerability is Likely to be a Significant Threat for Years
Until last month, Log4j was simply a popular Java logging framework; one of the numerous components that run in the background of many modern web applications. But since the zero-day vulnerability (CVE-2021-44228) was published, Log4j has made a huge impact
Developing a Risk-Based Vulnerability Management Program A Real-Life Case Study
Custom Security Solutions Empower Organizations to Create Robust, Efficient Vulnerability Management Programs Vulnerability management exists for the purpose of identifying and remediating vulnerabilities in systems quickly before they are exploited. Vulnerabilities, which are essentially weaknesses within software can lead to a
The SolarWinds Sunburst Attack: How to Protect Yourself from 5th Generation Cyberattacks
Last week US government offices were targeted by one of the most sophisticated and severe attacks seen in history both because of the sophistication and scope. A series of mega cyber-attacks were launched and thus far it appears were conducted
Bug Bounty Programs are Becoming Increasingly Effective
What is the Difference Between Bug Bounty and Vulnerability Management Programs? In this blog, SecureOps Senior Penetration Tester Jasmin Landry has provided us deep insight into bug bounty programs in two previous posts: Bug Bounty Programs – Uncovering Critical Vulnerabilities https://secureops.com/penetration-testing/bug-bounty/ Unleashing Bug
Why MAZE Ransomware Attacks are So Devastating
Why MAZE Ransomware Attacks are So Devastating MAZE ransomware is quickly becoming one of the most devastating strains of Windows ransomware that have infiltrated companies and organizations around the world and demanded that a Bitcoin or Cryptocurrency payment be made in