February 2, 2021 | Nahla Davies

Card-Not-Present fraud (CNP): Five things retailers can do to protect themselves from CNP attacks

This blog was written by an independent guest blogger. Cybercriminals have been well ahead of the curve when it comes to cybersecurity in the online retail industry. Specifically, criminals have been exploiting changes in purchasing behavior that favor online transactions and adapting their methods to take advantage of the authentication challenges arising when a card is not present (CNP) at…

February 1, 2021 | Devin Morrissey

Protection for your e-commerce needs

Image Source: Pexels This blog was written by an independent guest blogger. One of the biggest barriers to successful e-commerce business is protecting user data. If online shoppers don’t feel their information is safe, they won’t make a purchase. Luckily, there are actions you can take to secure your own e-commerce experience, whether you’re…

Get the latest security news in your inbox.

Subscribe via email

RSS

January 29, 2021 | Mark Stone

What is Secure Access Service Edge? SASE Explained

This blog was written by a third party author Today’s “new normal” business environment is heavily focused on cloud. The ongoing trends we’re seeing today show no signs of letting up. Workloads moving to the cloud, an escalating number of devices accessing applications and data, and the more distributed nature of the workforce have…

January 28, 2021 | Theodoros Karasavvas

Serverless computing: Is it worth the risk?

This blog was written by an independent guest blogger. A new trend for developers is emerging, as many companies shift towards using serverless computing. The name is a bit misleading, as serverless computing still relies on servers for storing data, but those who use serverless computing leave the maintenance of the server to their provider. They pay only for the…

January 27, 2021 | Ofer Caspi

TeamTNT delivers malware with new detection evasion tool

Executive Summary AT&T Alien Labs™ has identified a new tool from the TeamTNT adversary group, which has been previously observed targeting exposed Docker infrastructure for cryptocurrency mining purposes and credential theft. The group is using a new detection evasion tool, copied from open source repositories. The purpose of this blog is to share new technical intelligence…

January 26, 2021 | Kim Crawley

JavaScript cybersecurity threats

This blog was written by an independent guest blogger. JavaScript is a very useful programming language. Netscape developers invented JavaScript in 1995, and it revolutionized the web. Before JavaScript, webpages could pretty much only contain text, images, and hyperlinks. JavaScript empowered web developers to make webpages interactive, dynamic rather than static. Think of picture menus that animated when your mouse cursor…

January 25, 2021 | Devin Partida

How reliable is real-time security?

This blog was written by an independent guest blogger. Today’s world is a fast-paced one, and that reality means changing the approach to security. Traditional ways of securing networks or premises often involved responding to threats after they happened or preparing for the most likely attacks based on experience. Now, an option called real-time security — or real-time…

January 21, 2021 | Jason Lawrence

Education, certifications, and cybersecurity

The question of cybersecurity certifications comes up very frequently on discussion boards.  What is the best certificate to get?  Is a college degree better for getting a cybersecurity role?  What education or skills are needed for various cybersecurity roles?  And many, many more.  In this post, I'll try to clarify some of these questions…

January 19, 2021 | Rakesh Shah

We are better together: AT&T USM Anywhere and Digital Defense Frontline

An enterprise needs an evolving view of its environment.  What does normal look like?  What are the weak spots?  What is the impact of the threat to your environment?  Detecting the threat after collecting the right data is the first step.  From there, the impact of the threat really matters; otherwise, security teams may be…

January 18, 2021 | Nahla Davies

5 New cybersecurity threats and challenges facing the financial services sector

This blog was written by an independent guest blogger. It’s been a mixed year for the financial services sector. Some companies have seen increased demand for their services, while others have struggled to deal with the downturn in mortgage deals and reduced consumer spending.  At a more granular level, many financial services companies have also had to…

January 14, 2021 | David Bisson

Security context: The starting point for how Kubernetes Pod security works

This blog was written by an independent guest blogger. Organizations are increasingly adopting Kubernetes to manage their containerized workloads and services, but Kubernetes security incidents are on the rise, as well. In the fall 2020 edition of the “State of Container and Kubernetes Security” report, for instance, 91% of respondents told StackRox that they had recently adopted Kubernetes. Three quarters…

January 13, 2021 | Tom Hegel

A Global Perspective of the SideWinder APT

AT&T Alien Labs has conducted an investigation on the adversary group publicly known as SideWinder in order to historically document its highly active campaigns and identify a more complete picture of targets, motivations, and objectives. Through our investigation, we have uncovered a collection of activity targeting government and business throughout South Asia and East Asia spanning many years.…