A recently discovered MacOS exploit allows someone to steal usernames and passwords directly from the Keychain app with out requiring an Administrator account.
CloudPassage is now allowing users to test drive Halo, their security automation platform via their website: https://blog.cloudpassage.com/2019/02/12/test-drive-cloudpassage-halo/.
You might of heard recently that the Astaroth Trojan is making a comeback. We break down what it is, why it's making a comeback and more...
For years a company's cybersecurity needs were left up to their IT Department. IT was responsible for every decision, every purchase. The C-Suite and its occupants had bigger fish to fry and what little attention InfoSec received, typically dried up before anyone dug in deep at that executive level.
There’s been a lot of talk about standards and compliance (ISO 27001 and GDPR to name a few). We’ve been talking about these standards quite a bit lately (here and here). What we haven’t done a lot of is talk about what people need to do in order to prepare for these standards while assuring you’re compliant with the obligations you already have.
The other day a few of my colleagues and I went to a local Sysadmins and Networking meetup hosted by SEA-TUG.
The topic of the night was Host Identity Protocol (HIP), and Michael Falkenrath of Tempered Networks presented it. While we don’t currently offer any of Tempered’s solutions in our MSSP offerings, the topic of HIP caught my attention, and I figured it might be a good idea to get more familiar with it in general.
Drafted by the International Organization for Standardization, ISO 27001 is designed specifically to help build an information security management system (ISMS). An ISMS is a framework of policies and procedures that includes all legal, physical and technical controls involved in an organization's information risk management processes.