Monday 7/1
Seeing the Unseen: Preventing Breaches by Spotting Malicious Browser Extensions (CrowdStrike)
When an end user installs a browser extension, the permissions granted open the door to a world of possibilities — and vulnerabilities. Depending on what’s allowed, these extensions can access a veritable treasure trove of information.
https://www.crowdstrike.com/blog/prevent-breaches-by-stopping-malicious-browser-extensions/
DMARC: Why It's Moving from a Best Practice to a Must-Have (Proofpoint)
Most cyberattacks today are initiated via email. As a result, many users have started to block or delete emails from unknown sources as a precautionary measure. Cybercriminals realize this and have learned that their best chance is to fool the receiver into believing that they are dealing with a known source—ideally, a trusted source.
https://www.proofpoint.com/us/blog/email-and-cloud-threats/dmarc-from-best-practice-to-must-have
Tuesday 7/2
Ocean's Eleven ft. Bryon Singh, RailWorks Corporation
https://www.gothamtg.com/blog/oceans-eleven
Breaking down BEC: Why Business Email Compromise is More Popular Than Ever (Arctic Wolf)
As headline-grabbing as AI-based attacks appear to be, they aren’t driving the most breaches globally. That would be business email compromise (BEC) attacks, in which attackers leverage stolen access to a business email account to create a scam that results in financial gain.
https://arcticwolf.com/resources/blog/why-bec-is-more-popular-than-ever/
Wednesday 7/3
After a Breach: 5 Recovery Steps to Take (Pure Storage)
When the worst happens and a threat turns into an actual attack, it’s time to calm down, get serious, and tally up the damage.
https://blog.purestorage.com/perspectives/5-ransomware-recovery-steps-to-take-after-a-breach/
Data: The Final(?) Security Frontier (Check Point)
Companies have a crucial responsibility to protect sensitive data like Personal Identifiable Information (PII), which encompasses details like names, addresses, Social Security numbers, and payment card information, including card numbers and CVV codes.
https://blog.checkpoint.com/securing-the-cloud/data-the-final-security-frontier/
Friday 7/5
Cloud Migration Simplified: SaaS Secrets and PAM Strategy (CyberArk)
Organizations face increased operational risks and compliance challenges without proper management of machine identities. The complexity of managing secrets across diverse environments can lead to inconsistent security policies, weak access controls and an increased likelihood of security incidents.
https://www.cyberark.com/resources/blog/cloud-migration-simplified-saas-secrets-and-pam-strategy
Cybersecurity and cyber resilience…aren’t they the same thing? (NetApp)
These terms don’t describe exactly the same thing, and there are a lot of misconceptions about the differences between them. So let’s make sure that we’re all on the same page.
https://www.netapp.com/blog/are-cyber-security-cyber-resilience-the-same/