September 23, 2021 | Irfan Shakeel

Network traffic analysis using Wireshark

This blog was written by an independent guest blogger. Network traffic analysis is the routine task of various job roles, such as network administrator, network defenders, incident responders and others. Wireshark plays a vital role during the traffic analysis; it comes pre-installed in many Linux OS’s, for instance, Kali. otherwise, it is available to download from the…

September 22, 2021 | Belinda Streak

The meaning behind XDR: A beginner’s guide to extended detection and response

Where we are In the world of threat detection and response, alert fatigue and tool sprawl are real problems. Security professionals are struggling to manage different tools and control points and still relying on manual processes, which results in security that is fragmented and reactive. Analysts need better visibility and control, more context, and better use of automation so they…

September 21, 2021 | Karoline Gore

Through edtech, society’s cybersecurity ability is heading up a notch

Photo by Marvin Meyer on Unsplash This blog was written by an independent guest blogger. Edtech is helping to provide children and adults all over the world with new and updated skills and knowledge. One important area it’s helping with is cybersecurity. A recent report by Forbes gave the opinion that edtech would provide the…

September 20, 2021 | Bindu Sundaresan

Cybersecurity first: Business and consumer

A cybersecurity program isn’t just about securing your assets. It is an asset.  Security is everyone’s responsibility, from the consumer to a business. Here are some best practices from a consumer's view. It all starts with locking down your login credentials Review your passwords, updating them as needed, and ensuring they are…

September 15, 2021 | Bindu Sundaresan

Thrive today with not just being smart but being cyber smart

Photo by Cytonn Photography on Unsplash Cybersecurity is everyone’s responsibility: Don’t just be smart, be cyber smart In our digital age, cybersecurity is everyone’s responsibility. Every device you use, the app you download, the bit of information you share, or the message you open comes with a certain amount of risk.…

September 14, 2021 | Irfan Shakeel

A guide to OWASP’s secure coding

This blog was written by an independent guest blogger. Modern organizations rely heavily on software and systems. Secure coding standards are significant, as they give some assurance that software installed on the organization’s system is protected from security flaws. These security standards, when used correctly, can avoid, identify, and remove loopholes that might jeopardize software integrity. Furthermore, whether…

September 14, 2021 | Mark Stone

What is 5G security? Explaining the security benefits and vulnerabilities of 5G architecture

This article was written by an independent guest author. 5G is already transforming and enhancing mobile connectivity. With its high speeds and low latency, almost all businesses and industries are now in the position to digitize applications and services they couldn’t dream of not long ago. With 5G networks, billions of devices and IoT (the internet of things)…

September 13, 2021 | Craig Lindner

CMMC Level 3 readiness

Introduction Defense contractors across the U.S. are moving to update their cybersecurity programs to meet or exceed Cybersecurity Maturity Model Certification (CMMC) requirements launched in 2020 by the Department of Defense (DoD) to provide greater protection of Controlled Unclassified Information (CUI).  The effort required for CMMC Level 3 Certification will be significant for many of the small to midsized firms…

September 9, 2021 | Michael Rothschild

Preparing for IT/OT convergence: Best practices

This blog was written by a colleague from Tenable. What is OT vs. IT? Modern-day industrial and critical infrastructure organizations rely heavily on the operational technology (OT) environment to produce their goods and services. Beyond traditional IT operations that utilize servers, routers, PCs and switches, these organizations also rely on OT, such as programmable logic controllers (PLCs), distributed control systems …

September 8, 2021 | Ofer Caspi

TeamTNT with new campaign aka “Chimaera”

Executive summary AT&T Alien Labs™ has discovered a new campaign by threat group TeamTNT that is targeting multiple operating systems and applications. The campaign uses multiple shell/batch scripts, new open source tools, a cryptocurrency miner, the TeamTNT IRC bot, and more. Alien Labs research indicates the command and control (C&C) server used in this…

September 7, 2021 | Erin Edwards

Explore and experience cybersecurity from a consulting point of view

Cybersecurity skills shortage The demand for highly qualified staff with the right skill sets along with hands on experience is not new news in cybersecurity. However, the difficulty of gaining experience prior to meeting the objectives for interviews for entry level jobs can be a tough hill to climb. Ample resources available online, including the ability to set up in-home…

September 2, 2021 | James Carrigan Jr.

Why is AT&T adding Web Application Shielding to its Managed Vulnerability Program?

This blog was written by a guest blogger. Cybercriminals never sleep. Why? They're too busy looking for application vulnerabilities. In the world of cybercrime, a flawed application is a potential goldmine for them, but an onramp to disaster for most organizations. A vulnerable state The threat landscape has increased at a frightening speed. We've moved beyond merely dealing…