The Power of Reports and Software Testing
CQURE Academy
by Social Cube
8M ago
In February, a report appeared on the website of one of the cybercriminal groups – LockBit, in which criminals tested encryption speeds across 36 different ransomware variants, including two of their own: LockBit 1.0 and LockBit 2.0. It turned out that those two solutions; LockBit 2.0 and LockBit 1.0 are at the top of the table. Information about the conditions of these tests was limited. Splunk specialists decided to verify the test results based on more detailed assumptions. It turned out that LockBit was the fastest tool. But LockBit 1.0 was actually faster than its newer counterpart LockB ..read more
Visit website
Skill Gap in Cybersecurity
CQURE Academy
by Social Cube
9M ago
In the last few years, cybersecurity professionals have been experiencing extreme stress or burnout. According to a last year’s Forrester’s survey, 65% of them considered leaving their job because of it. This high level of burnout is paramount for cybersecurity professionals’ decision to leave their jobs. For some of them, it means leaving the industry altogether. To some extent, this is an effect of the COVID-19 pandemic. In the last two years, cybersecurity specialists have been asked to take on heavier workloads as companies undergo digital transformations. At the same time companies aren ..read more
Visit website
Salaries in Cybersecurity
CQURE Academy
by Social Cube
9M ago
According to the data collected by (ISC)2 in the report “Cybersecurity Workforce Study 2021”, the global cybersecurity workforce is well-educated (86% have a bachelor’s degree or higher), technically grounded (most graduated with degrees in STEM and some from business fields). The average annual salary before taxes in the USA is about $90,900 — up from $83,000 among respondents in 2020, and $69,000 in 2019. While only 9% of the North American workforce reported a pre-tax salary below $50,000, the largest single North American grouping (49%) earned more than $100,000. But reality looks differe ..read more
Visit website
Dark hours – postincident recovery without procedures and documentation
CQURE Academy
by Social Cube
10M ago
SCENARIO I A big global company in the chemical industry was attacked by cybercriminals and their data in branches across the world were encrypted. The organization refused to pay the ransom and decided to restore infrastructure by using data backups and paper documentation (the law required the company to keep it in the archive). They decided to take a risk, even if there was a possibility that some of the data would be permanently lost. Operational technology was not infected and there was no direct connection to IT infrastructure. We were asked for help in post-incident recovery by attacke ..read more
Visit website
Bug bounty or profound pentest? It’s not the Matrix, take both pills.
CQURE Academy
by Social Cube
10M ago
Google’s Android, Chrome, and Play platforms continue to be vulnerability-rich environments. In 2021 Google paid a record $8.7 million in rewards to 696 third-party bug hunters from 62 countries who discovered and reported thousands of vulnerabilities in the company’s technologies. It’s a nearly 30% increase from the $6.7 million in 2020. Companies often hire a team to test the security of their website or system before deployment. But what happens when new features or updates are pushed? What about the bugs or weaknesses that these teams miss? That is why it makes sense to sign up for a bug ..read more
Visit website
Back to Basics: Using PIM in Azure Active Directory Security
CQURE Academy
by tribe47
1y ago
Minimizing who can access your data and when is one of the cornerstones of cybersecurity as it helps to decrease the chance of sensitive information falling into the hands of a malicious actor. It also protects data against being accidentally viewed (or even inadvertently leaked!) by an authorized user. Because privileged user accounts hold higher levels of access than other user accounts, they need to be monitored more closely. PIM is a service in Azure Active Directory that allows you to restrict access in a variety of cool ways, from making it time-bound to implementing just-in-time access ..read more
Visit website
Back to Basics: Identity protection in Azure Active Directory
CQURE Academy
by tribe47
1y ago
Identity Protection is a security feature in Azure Active Directory that helps to prevent, detect, and remediate identity risk in an organization. Using multiple detections, it monitors every login for identity compromise, sorting sign-ins into three categories of risk: low, medium, and high. These risk ratings can be used to create automated user risk policies that balance employee productivity with corporate security. For example, multi-factor authentication can be set as a requirement for a sign-in that is high-risk. Join Paula as she reviews the different policies in Azure’s Identity Prote ..read more
Visit website
Back to Basics: Conditional Access in Azure Active Directory
CQURE Academy
by tribe47
1y ago
Regulating access to your company’s files, systems, and applications cuts the risk of your data falling into the hands of hackers, threat actors and thieves. While standard privilege management stops at ID-based authentication, conditional access in Azure Active Directory gives greater flexibility and control by allowing remote connections only when certain conditions are met. Using conditional access, an administrator can regulate access by user location, device type, the kind of application or file being used and more. To achieve this, the administrator creates an Azure Active Directory secu ..read more
Visit website
What is it Really Like to Work in Cybersecurity?
CQURE Academy
by tribe47
1y ago
A problem-solver’s paradise Before I get to the audiences’ questions, I’m going to start this knowledge drop by answering one of my own – what does it mean to me to work in cybersecurity? I consider working in cybersecurity as exciting and challenging because there is a new obstacle to overcome every day. You must be prepared to face problems that you haven’t seen before as no two infrastructures are the same. Not only do you have to use your skills and knowledge in new ways, but you must make sure that you keep up with the latest technological advances and threats.  While it may not be t ..read more
Visit website
8 Things to Avoid In Azure Active Directory
CQURE Academy
by tribe47
1y ago
Organizations that don’t put in the extra effort needed to secure their Azure Active Directory leave themselves vulnerable and open to data leaks, unauthorized data access, and cyberattacks targeting their infrastructure. Cybercriminals can decrypt user passwords and compromise administrator accounts by hacking into Azure AD Connect, the service that synchronizes Azure AD with Windows AD servers. Once inside the system, the attackers can exfiltrate and encrypt an organization’s most sensitive data. Azure AD users often overlook crucial steps, such as implementing multi-factor authentication fo ..read more
Visit website

Follow CQURE Academy on Feedspot

Continue with Google
OR