Network traffic analysis using Wireshark
Meaningful security metrics
Security metrics are vital for you as a security leader to track the progress of your security program and have effective risk-focused conversations with business and operations stakeholders. Security metrics pave the way for security initiatives, facilitate resource, help communicate resource allocation and help communicate results with relevant stakeholders throughout the organization. Today security functions are expected to plan…
Best practices for a secure ecommerce website
This blog was written by an independent guest blogger. Ecommerce is a popular business model. Many people are getting into this business and looking for ways to secure early retirement from typical 9 to 5 jobs. With the right ideas and execution, there is a good chance that this will happen, but making it in eCommerce isn’t that easy as…
Back to the office…
As the world is starting to move out of lockdown, businesses are moving some of their workforce back into the office environment. Whilst their focus may be on the logistics of this and making the office environment ‘Covid-Safe’ for their employees, they also need to be cognisant of the potential security challenges facing them. Some areas that businesses…
Cybersecurity and government
Photo by Katie Moum on Unsplash In May, after many months of dedicated effort, our compliance team received word that a U.S. Federal Risk and Authorization Management Program (FedRAMP) moderate certification was granted for the AT&T Threat Detection and Response for Government solution. FedRAMP is a program coordinated by the US General Services Administration…
Ways to prevent ransomware attacks: how to avoid becoming a victim
This article was written by an independent guest author. The reason why ransomware is more rampant today is simple: it’s lucrative for hackers. As high-profile examples of ransomware continue to skyrocket concerning the amount of ransom paid, hackers will only continue to pursue it as a strategy. How the incentives are changing for hackers As the degree…
How to protect your site against lethal unauthorized code injections
This blog was written by an independent guest blogger. Lethal unauthorized code injections like XXS (cross site scripting) attacks are some of the most dynamic cyber-attacks. They are often very difficult to detect and can result in credit card theft, fraud, and endpoint data breaches, having a huge impact on small to medium sized businesses. In a recent AT…
AI everywhere: How AI is being applied in 4 different fields
Image Source: Pexels This blog was written by an independent guest blogger. Historically, the idea of artificial intelligence (AI) saturating our world has been met with suspicion. Indeed, it’s one of the more popular tropes of science fiction — learning machines gain sentience that helps them take over the planet. While we’re not even slightly close…
Empowering women in the field of ethics and compliance
This blog was written by an independent guest blogger. Ethics and compliance is becoming a burgeoning industry as an increase in government regulations in areas such as sustainability, diversity, and data privacy make compliance an important focus for companies. It’s especially important in tech companies as the ever-growing risk of cybersecurity breaches requires that security teams be vigilant…
Asset management in the age of digital transformation
Over the past year or so, organizations have rapidly accelerated their digital transformation by employing technologies like cloud and containers to support the shift to IoT and address the expanding remote workforce. Visibility Matters: This digital shift calls for a new approach to asset visibility as traditional asset administration responsibilities like inventory, software support, and license oversight are often the…
A mid-year update for Cybersecurity – 4 trends to watch
This blog was written by an independent guest blogger. It is nearing the mid-year point of 2021, and already it can be characterized as” the year of the breach.” Many companies and institutions saw their security perimeters pierced by hackers including the mega-breaches of Solar Winds and the Colonial Pipeline. The scale of penetration and exfiltration of data…
Stories from the SOC - Office 365 account compromise and credential abuse
Stories from the SOC is a blog series that describes recent real-world security incident investigations conducted and reported by the AT&T SOC analyst team for AT&T Managed Threat Detection and Response customers. Executive Summary Credential abuse and compromised user accounts are serious concerns for any organization. Credential abuse is often used to access other critical assets…
How data poisoning is used to trick fraud detection algorithms on ecommerce sites
This blog was written by an independent guest blogger. Artificial intelligence (AI) and machine learning (ML) systems have become the norm for using client data to provide recommendations to customers. As more people are working from home and conducting business online, it is imperative that fraud detection software is used to protect user information. But these protective systems also utilize…
