This Week in Technology

By Eric Corcoran
Posted in Technology Week in Review
On September 06, 2024

Thursday 8/29

Introducing Automatic URL Categorization: Enhanced Security and Efficiency (Check Point)

Our new feature, Automatic URL Categorization, helps your team make the most of their security policies. This capability leverages advanced machine learning and natural language processing (NLP) to provide superior URL classification, ensuring security policies are applied accurately.

https://blog.checkpoint.com/security/introducing-automatic-url-categorization-enhanced-security-and-efficiency/

Incident Response by the Numbers (Palo Alto Networks)

Last year, software and API vulnerabilities provided the initial access vectors for 38.6% of attacks we investigated – more than any other vector. These attacks result from large-scale, automated intrusion campaigns.

https://www.paloaltonetworks.com/blog/2024/08/incident-response-by-the-numbers/

Friday 8/30

Getting More From the Data Center, Part One (Pure Storage)

In the quest to create a more efficient, modern data center, there are several elements enterprises should consider when trying to evolve their IT operations.

https://blog.purestorage.com/perspectives/understanding-the-hyper-efficient-data-center/

Strategies for performing security migrations (Wiz)

As you work toward exterminating a problem in your environment, you should consider applying prevention mechanisms, or what sometimes are referred to as ratchets because they ensure that things travel in only one direction.

https://www.wiz.io/blog/cloud-security-migrations-best-practices

Tuesday 9/3

The Power of Hardened Images for Your Cyber Defenses (Nerdio)

Hardened images offer MSPs and IT providers a streamlined path to compliance, ensuring that customers’ systems adhere to necessary regulations and security protocols without extensive manual intervention.

https://getnerdio.com/resources/the-power-of-hardened-images-for-your-cyber-defenses/

Threat Hunting on the Network: An Introductory Guide (ExtraHop)

Threat hunting on the network is like trying to find a needle in the haystack when you don’t even know for certain that a needle is there. Through packet analysis, incident responders have to discover threats themselves.

https://www.extrahop.com/blog/threat-hunting-in-network-traffic

Wednesday 9/4

How a Security Operations Approach Can Prevent Man-in-the-Middle Attacks (Arctic Wolf)

Also known as “adversary-in-the-middle” or “manipulator-in-the-middle” attacks, this high-tech form of eavesdropping involves a threat actor getting between you and the party to which you’re attempting to send your data or information. This kind of attack typically occurs when a user is connected to public or unprotected Wi-Fi — highlighting the importance of VPNs.

https://arcticwolf.com/resources/blog/how-a-security-operations-approach-can-prevent-man-in-the-middle-attacks/

Incident Response by the Numbers (Palo Alto Networks)

In the past year, we’ve seen threat actors making bigger moves faster to mount more sophisticated attacks against their targets. Here are the data points that tell the story of last year's attacks and the steps defenders can take to protect their organizations.

https://www.paloaltonetworks.com/blog/2024/08/incident-response-by-the-numbers/

Thursday 9/5

Avoiding security incidents due to request collapsing (Wiz)

This feature of caching services can result in unexpected behavior. Here's how to prevent sensitive data from being accidentally exposed.

https://www.wiz.io/blog/preventing-risk-of-request-collapsing-in-web-caching

A Threat Actor’s Playbook: Common Techniques and How to Bypass MFA (Adlumin)

The threat is not novel, overly complex, engineered, or used exclusively by an Advanced Persistent Threat (APT) but rather a persistent and increasingly easy-to-adopt tactic and exploitation chain attackers are successfully using to potentially devastating effects.

https://adlumin.com/post/a-threat-actors-playbook-common-techniques-and-how-to-bypass-mfa/

Friday 9/6

Global ransomware attacks at an all-time high—2024 State of Ransomware report (ThreatDown)

There were a total of 4,582 known ransomware attacks between July 2023 and June 2024, a 33% year-on-year increase.

https://www.threatdown.com/blog/global-ransomware-attacks-at-an-all-time-high-2024-state-of-ransomware-report/

Best practices for managing machine identities (Delinea)

There is no quick solution to safeguarding machine identities since there are many types and their volume continues to grow every day. The important thing is to get started now and build a system that will allow you to reduce risk.

https://delinea.com/blog/best-practices-for-managing-machine-identities