Back in 2010, John Kindervag, the then-principal analyst at Forrester, coined the term Zero Trust. The idea behind this edgy-sounding concept was that when it comes to network security, nothing can be trusted and everything — and everyone — should be verified.
Over the last few weeks, Safe-T has provided a basic introduction to the tools and operating systems that you’ll use as a member or leader of a red team. Now, let’s contextualize them – how would you use these tools in the context of an actual security exercise?
Over the last few months, there’s been another massive security breach, one that you potentially haven’t heard of. Its scale was nearly as large as that of Equifax, with 130 million consumers affected.
No company is too small to be devastated by a ransomware attack. In fact, small and medium-sized businesses (SMBs) are prime targets, and the number--and cost--of such attacks continues to rise.
Think of the last time you logged into your network. Let’s assume that you used a traditional VPN, with a traditional IAM scheme underneath. This isn’t a bad assumption, because 25% of all internet traffic goes over a VPN.
Open source databases may have a problem. For the second time in just three years, a popular open-source database has become infected, on a massive scale, with cryptocurrency-related malware. In late 2016, the vector of the infection was MongoDB, and the source of the infection was ransomware.
Another year has gone by – another year that seems to have been a single all-consuming cyber-disaster. 2017 has been so bad for information security that it’s hard to even visualize separate security incidents.