Insider Threat Management – Detect and Respond to Data Exfiltration

As the perimeter shifts to the user and application, traditional network-based data loss prevention solutions are no longer effective. There is no longer a central network egress point to control the flow of data, as users, and the applications they access, are now distributed across the Internet. We need to rethink how we detect and […]

The post Insider Threat Management – Detect and Respond to Data Exfiltration appeared first on Security Weekly.


LinkedIn Data Found in Unsecured Databases

A privacy foundation found unsecured databases that held LinkedIn data, including email addresses.


TA505 Targets Financial and Retail Using ‘Undetectable’ Methods

CyberInt found TA505 is using tactics and a remote administration tool, developed by TektonIT.


Fraudsters Exploit Sympathies Surrounding Notre Dame Tragedy

Following the tragic events in Paris, cyber-criminals have taken advantage of people’s goodwill.


User privileges in Docker containers

That’s a neat trick, but it’s also a documented feature: https://docs.docker.com/engine/security/security/ First of all, only trusted users should be allowed


IDG Contributor Network: Proposed changes to California Consumer Privacy Act of 2018 could rewrite privacy law


On April 4, 2019, California Assembly Member Wicks proposed sweeping changes to bill AB 1760, effectively repealing the California Consumer Privacy Act of 2018 (CCPA) and replacing it with the Privacy for All Act of 2019 (PAA). The proposed rewrite would increase a business’s compliance obligations as well as its potential exposure to civil and regulatory liability, shifting California even closer to the requirements of the GDPR. If passed, the PAA will go into effect on January 1, 2021, giving businesses one additional year to implement the new requirements.


SOC Intel: Wire, Logs, & Endpoint – Enterprise Security Weekly #133

Matt Cauthorn is the VP of Cyber Security Engineering at ExtraHop. Matt Cauthorn leads a team of technical security engineers who work directly with customers and prospects. Matt uses his expertise with ExtraHop to explain The Three Horsemen of SOC Intel: Wire, Logs, Endpoint! To get involved with ExtraHop, visit: https://securityweekly.com/extrahop Full Show Notes […]

The post SOC Intel: Wire, Logs, & Endpoint – Enterprise Security Weekly #133 appeared first on Security Weekly.


APT34 Hacking Tools Leak

Hacking tools:
– Glimpse (newer version of a PowerShell-based trojan that Palo Alto Networks names BondUpdater)
– PoisonFrog (older version of BondUpdater)
–


pipetap.sh: Remote wireshark. Invoke tcpdump over ssh piping to STDOUT, for importation to a local Wireshark via STDIN.

Neat little one-liner. Thanks for sharing. A couple things you might want to consider… ssh -A There’s no need to
