How to Get into the Bug-Bounty Biz: The Good, Bad and Ugly

Experts from Intel, GitHub and KnowBe4 weigh in on what you need to succeed at security bug-hunting. Zero-day disclosures, those known bugs without a fix, can have potentially catastrophic results. One of the best ways to combat them is by discovering them before the bad guys do. Some of the biggest tech brands on the … Continue reading How to Get into the Bug-Bounty Biz: The Good, Bad and Ugly

MSBuild Used By Threat Actors to Deliver RATs Filelessly

Authored by: Tara Gould and Gage Mele Key Findings Anomali Threat Research identified a campaign in which threat actors used Microsoft Build Engine (MSBuild) to filelessly deliver Remcos remote access tool (RAT) and password-stealing malware commonly known as RedLine Stealer This campaign, which has low or zero detections on antivirus tools, appears to have begun … Continue reading MSBuild Used By Threat Actors to Deliver RATs Filelessly

Secure Data Recovery Services: Protecting Business Continuity

By Dmitriy Kardashev, Founder and CEO, SecureData, Inc. In today’s world, consumers and businesses alike require consistent and easy access to their data. Whether it’s large customer databases that an organization relies on for daily operations, highly confidential and sensitive information that flows through government, healthcare or manufacturing sectors, or irreplaceable photos and videos stored … Continue reading Secure Data Recovery Services: Protecting Business Continuity

Beyond MFA: Rethinking the Authentication Key

Tony Lauro, director of security technology and strategy at Akamai, discusses hardware security dongles and using phones to act as surrogates for them. You have to hand it to the cyber-thieves: They have proven extremely adept at defeating security measures once thought reliable. Case in point: multifactor authentication (MFA). While two-factor authentication (2FA) using push … Continue reading Beyond MFA: Rethinking the Authentication Key

Biden issues executive order to increase U.S. cybersecurity defenses

President Biden signed an executive order Wednesday to modernize the country's defenses against cyberattacks and give more timely access to information necessary for law enforcement to conduct investigations. This executive order follows the numerous cyberattacks targeting US interests this year, including the SolarWinds supply chain attacks in December and the more recent DarkSide ransomware attack … Continue reading Biden issues executive order to increase U.S. cybersecurity defenses