Trends in connected homes in 2021 - Improved security and connectivity
This blog was written by an independent guest blogger. Intro It’s becoming more popular in 2021 to have a smart home with connected devices capable of communicating with each other. It’s expected that smart home spending will reach more than $141 billion by 2023, and the number of smart homes will surpass 300 million by 2023. Some connected home trends are…
Introducing AT&T Managed Extended Detection and Response (XDR)
In today’s dynamic threat landscape, having different tools to meet unique security requirements helps keep data protected. However, businesses today have 10 to 50+ security tools and consequently spend too much time managing them instead of protecting against cybercrime. This security tool overload creates internal challenges and potentially distracts from the primary business mission. AT&T Managed XDR…
Hands-on domain password policy setup for Active Directory
This blog was written by an independent guest blogger. Dealing with the massive architecture of client-server networks requires effective security measures. Everyone has become painfully aware of all dangerous fishes roaming around the pool of the network, trying to get access to the system. Having a weak password policy is a key vector for attackers to gain system access. However,…
FBI warns of ransomware gang – What you need to know about the OnePercent group
This blog was written by an independent guest blogger. The FBI recently published a warning stating that ransomware gang OnePercent Group has been attacking companies in the US since November 2020. This gang of cybercriminals targets individuals within an organization with social engineering tactics designed to fool them into opening a document from a ZIP file attached to an email. Ransomware…
Why access management needs to evolve beyond passwords
This blog was written by an independent guest blogger. Access management is a key element of any enterprise security program. Using policies defined by IT administrators, access management enforces access rights across the network. It does this by designating which groups of users are allowed access to which applications and identifying which user attributes are required to access each application. …
Stories from the SOC - Data exfiltration
Stories from the SOC is a blog series that describes recent real-world security incident investigations conducted and reported by the AT&T SOC analyst team for AT&T Managed Threat Detection and Response customers. Executive summary The impact of Data Exfiltration, which is the act of copying or transferring data from a computer or server without authorization, has…
Securing the edge with Zero Trust
The proliferation of cloud computing, mobile device use, and the Internet of Things has dissolved traditional network boundaries. Today, the network perimeter has evolved as workloads have moved to the cloud while non-managed, mobile devices have become the norm rather than the exception. The location of applications, users, and their devices are no longer static. Data is no longer confined…
Introducing the Palo Alto Networks Panorama Advanced AlienApp
Here at AT&T Cybersecurity, we believe cyber protection should include multiple layers and cover as much ground as possible. Having full visibility into threats on the network and being able to automate actions against them not only reduces an organization’s risk but also frees up time for security teams to focus on other high-value security tasks. …
How to better secure user authentication protocols
This blog was written by an independent guest blogger. In March 2021, cybersecurity researcher Le Xuan Tuyen discovered a security bug in Microsoft Exchange Server. The vulnerability, dubbed ProxyToken, lets attackers bypass the authentication process to access victims’ emails and configure their mailboxes. Normally, Exchange uses two sites, a front and back end, to authenticate users. However, its Delegated Authentication…
What is advanced persistent threat? Explaining APT security
This article was written by an independent guest author. As the threat landscape evolves faster than we can keep up with, organizations must be aware of the type of threats they may face. Certain threat types, like ransomware and malware, are more prominent and therefore must be fought with the appropriate resources. On the other hand, some threat types are…
Introduction to SAST
This blog was written by an independent guest blogger. DevSecOps means countering threats at all stages of creating a software product. The DevSecOps process is impossible without securing the source code. In this article, I would like to talk about Static Application Security Testing (SAST). As development fluency is growing every year, many companies are introducing DevSecOps. Its main message…
How to shift into a new approach to cybersecurity asset management
This blog was written by an independent guest blogger. The effects of the global pandemic pushed organizations to accelerate their digital transformation strategies. Because of this, companies in all industries were faced with an array of new technologies like cloud and containers that support the shift to edge computing and remote workers. With so much focus on these factors, companies…
