Approaches to Segmentation with Privileged Access Management (PAM)
In this blog we will explore segmentation, lateral movement, and how you can apply privileged access management (PAM) to achieve segmentation and improve your security posture.
Remote Work & Digital Transformation Expanded the Attack Surface: IDSA Study Shows IT Leaders Embracing Identity-Centric Security to Close the Gaps
The IT security concepts of zero trust and identity-centric security have risen to prominence in response to the challenges of an increasingly distributed, mobile, and perimterless digital world. Most cyberattacks today revolve around identities, and the credentials and privileges of those identities. A new study sponsored by the Identity Defined Security Alliance (IDSA)-sponsored validates that a shift to identity-centric security and zero trust is clearly underway, and that organizations are making faster progress in implementing identity-based security outcomes.
New South Wales (NSW) Auditor General Report Spotlights Cybersecurity Risks Lurking across Local Governments
2021 has been ablaze with largescale cyberattacks causing global disruption (SolarWinds, JBS Meats, etc.) as well as more targeted attacks impacting organizations Down Under (Eastern Health, Nine Entertainment, Oxfam, and the WA Parliamentary Network – during the state election!) With digital transformation accelerating and everyone adjusting to a “new normal”, how well are local governments across Australia poised to withstand the modern cyber threat scape?
Defining & Protecting Critical Software to Improve U.S. National Cybersecurity & Supply Chain Resilience
With a wave of industry-shaking cyberattacks kicking off the first half of 2021, the U.S. government has mobilized efforts and marshalled minds and resources to improve supply chain cyber resilience and protect critical infrastructure. Recently, President Biden issued the Executive Order (EO) on Improving the Nation’s Cybersecurity. This blog will put forth definitions and best practices to address Section 4 of Biden’s EO: Enhancing Software Supply Chain Security. I will start by defining what critical software is, and then breakdown three fundamental cybersecurity categories that all agencies and enterprises should implement to ensure a strong foundation for securing critical software and bolstering the software supply chain.
The State of Mac Security: What We Learned at the Epic Games Versus Apple Trial
A recent lawsuit involving Epic Games and Apple brought some interesting and candid words about Mac to the public domain. During the trial, Apple’s own Senior VP of Engineering, Craig Federighi asserted in court that the level of malware on macOS is not acceptable. He recounted how even his family members have encountered malware on macOS.
How to Penetration Test (Pentest) Remote Worker Endpoints: What’s in Scope, & What’s Off Limits
Whether it’s a much larger remote workforce than in prior years, greater flexibility, or even a remote-first work strategy--we are coming to the realization that the new normal is here. Some
SCADA and IoT Security: What is Broken, & Can it Be Fixed?
Over the past decade, we've seen a vast array of different types of devices and systems connected to the Internet. While this feels like technological progress, there's a dark side to bringing the Internet of Things (IoT) online—these systems come under attack just like other connected infrastructure. Unfortunately, many SCADA environments today include connected systems with relatively weak security capabilities and configurations, leading to compromise and breach scenarios that are not only dangerous, but could be deadly.
BeyondTrust Privilege Management for Windows & Mac Introduces New Integrations with VirusTotal and MFA, & More in New Release
The latest release of Privilege Management for Windows and Mac delivers security enhancements, including MFA and VirusTotal integrations, Advanced Parent Tracking, and updates to user experience.
Dispatches from Anywhere: Securing the Next Wave of Work
After the 2020 pandemic tipped our traditional way of work on its head, companies scrambled to support fully remote workers. But as the vaccine roll-out continues, many organizations are welcoming workers back to the office. However, that doesn’t mean all companies are planning to go back to exactly the same way things were before. Some companies, like Nationwide and VMware, have announced their decision to stay “remote first” for the long-term, while others are looking at flex solutions like 2 days in office and 3 days home -- or one week in office and the next week home. The implications for IT and ITSec departments is that they must prepare to support fully or partially remote workers well into the future.
How to Mitigate macOS CVE-2021-30657 with BeyondTrust Privilege Management for Mac
Discovered by security researcher Cedric Owens and privately reported to Apple in March 2021, CVE-2021-30657 is a logic issue that allowed attackers to craft a macOS payload that is not checked by Gatekeeper (the macOS security feature that verifies downloaded applications before allowing them to run) and bypasses File Quarantine and Application Notarization protections as well.
Will DarkSide Pipeline Ransomware Attack Fuel Cybersecurity Upgrades for Critical Infrastructure?
The attack against Colonial Pipeline by the cyber-criminal gang DarkSide is the latest glaring example of just how vulnerable some critical systems and infrastructure are to attack. The attack has taken 45% of the fuel supplied to the U.S East Coast region completely offline since May 7th. Along the East Coast region, the public is experiencing long lines and fuel outages at many gas stations due to panic buying, with gas prices also running higher as a consequence. While public details of the actual attack chain remain scant, early speculation is that the attack may have started with a phishing attack, leading to widespread compromise of systems over weeks or months.
The Cyberattacker’s Path of Least Resistance is Shifting: Here’s How You Must Adapt
The attacker’s path of least resistance (POLR) to corporate data and assets is shifting, thus, so too must our IT risk management calculus and defensive priorities. The defenses I’m talking about include physical security as well as cybersecurity technologies. In this blog, we will explore how the attack surface is changing, why this is re-shaping the path of least resistance for attackers, what a recalibration of physical security and cybersecurity entails, and best practices for protecting identities, data, and corporate assets going forward.