Breaking the Linux Authenticode security model
Blog 9 in series: Digital Certificates - Models for Trust and Targets for Misuse
Read More about Breaking the Linux Authenticode security modelBreaking the Linux Authenticode security model
Breaking the Microsoft Authenticode security model
Rocking the foundations of a trust-based digital code signing system
Read More about Breaking the Microsoft Authenticode security model
Why You Need to Prioritize Software Development and Supply Chain Security
Enterprise software development graduated from the “waterfall” framework of development and operations - and became less linear, more complex and, in several ways, more difficult to secure. And while contemporary software supply chain practices allow developers to manage that complexity and deliver software efficiently at scale, unaddressed gaps and vulnerabilities within the process continue to be exploited by threat actors.
Read More about Why You Need to Prioritize Software Development and Supply Chain Security
How to Detect Software Supply Chain Attacks
Read More about How to Detect Software Supply Chain Attacks
Going Beyond Files: Destructive Object Analysis
Read More about Going Beyond Files: Destructive Object Analysis
Digital Certificates - Models for Trust and Targets for Misuse 6
Blog 6: A new kind of certificate fraud: Executive impersonation
Read More about Digital Certificates - Models for Trust and Targets for Misuse 6
Mirai Botnet Continues to Plague IoT Space
Read More about Mirai Botnet Continues to Plague IoT Space
How Existing Cybersecurity Frameworks Can Curb Supply Chain Attacks
Implementing Processes and Controls to Disrupt Attackers
Read More about How Existing Cybersecurity Frameworks Can Curb Supply Chain Attacks
The NPM package that walked away with all your passwords
Detecting malware in package manager repositories
Read More about The NPM package that walked away with all your passwords
Highlights from Black Hat USA 2019
Last week the 22nd annual Black Hat conference hosted over 19,000 security professionals in Las Vegas.
Read More about Highlights from Black Hat USA 2019
Top Ways to Get More Value From Your EDR
Because of a critical lack of skilled security resources and because of an overload of potential cyberattack related events, efficient operations and accurate analysis are top of mind for savvy security teams everywhere.
Read More about Top Ways to Get More Value From Your EDR
How Detecting High Priority Malware will Accelerate Quality App Development and Release
...
Read More about How Detecting High Priority Malware will Accelerate Quality App Development and Release
What Are Supply Chain Attacks? How to Protect Your Software Lifecycle
Traditional supply chain attacks impact the production of physical goods. Your supply chain might include partners delivering raw materials, suppliers with component parts used in manufacturing, as well as trucks for distribution of finished goods.Disruption of that supply chain could result in production shutdowns, aging inventory, degraded partner relations, and financial loss.
Read More about What Are Supply Chain Attacks? How to Protect Your Software Lifecycle
The PDF invoice that phished you
Blog 5 of 5 part series on advanced research into modern phishing attacks
Read More about The PDF invoice that phished you
Catching lateral movement in internal emails
Blog 4 of 5 part series on advanced research into modern phishing attacks
Read More about Catching lateral movement in internal emails