Security Boulevard

via the comic & dry wit of Randall Munroe, creator of XKCD

Permalink

The post Randall Munroe’s XKCD ‘Sky Alarm’ appeared first on Security Boulevard.

What started off as a vision I had many years ago has hit a significant milestone. The Host Unknown Podcast has somehow managed to stumble its way to 200 episodes. It’s a feat that probably a testament to the sheer stubbornness of my co-hosts Thom Langford and Andrew Agnês – and a bit of external … Continue reading 200 Episodes of the Host Unknown Podcast →

The post 200 Episodes of the Host Unknown Podcast appeared first on Security Boulevard.

Multiple types of organizations around the world are currently facing heightened threats from Iran-aligned cyber actors. Researchers continue to report significant increases in Iran-aligned threat activity well after the start of the Israel-Hamas War in October 2023. In recent weeks alone, Iran-backed groups deployed new malware for long-term intelligence collection, compromised U.S. presidential campaign systems, and even collaborated to ransom entities in critical U.S. and foreign industries. 

Whether you are a defender who wants to quickly assess defenses against all current major threats or an analyst looking to pinpoint certain groups with relevant motivations or targeting patterns, this resource aims to help by highlighting numerous links to recent adversary, tool, & TTP intelligence from across the Tidal Cyber knowledge base. 

How to Operationalize This Intelligence: Tidal Cyber is specifically designed to operationalize adversary behavioral intelligence. The free Community Edition lets defenders easily pivot from or compareadversary TTPs to elements of their defensive stack (60-second tutorial). The Enterprise Editionplatform supercharges this workflow witheasy-to-maintain collections of relevant threats, fully featured Defensive Stacks, and continually updated Coverage Maps. 

The post Iran Cyber Threat Resource Center: How to Navigate Amid Geopolitical Conflicts and Tensions appeared first on Security Boulevard.

Authors/Presenters:Zhiyuan Zhang, Gilles Barthe, Chitchanok Chuengsatiansup, Peter Schwabe, Yuval Yarom

Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organizations strong commitment to Open Access. Originating from the conference’s events situated at the Anaheim Marriott; and via the organizations YouTube channel.

Permalink

The post USENIX Security ’23 – Ultimate SLH: Taking Speculative Load Hardening To The Next Level appeared first on Security Boulevard.

Authors/Presenters:Zhiyuan Zhang, Gilles Barthe, Chitchanok Chuengsatiansup, Peter Schwabe, Yuval Yarom

Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organizations strong commitment to Open Access. Originating from the conference’s events situated at the Anaheim Marriott; and via the organizations YouTube channel.

Permalink

The post USENIX Security ’23 – Ultimate SLH: Taking Speculative Load Hardening To The Next Level appeared first on Security Boulevard.

Recently in our webinar series with Amazon Web Services (AWS) and Fortify by OpenText™, our third installment, "The Power of SBOMs: Regulations Looming," brought the panel together to discuss the evolving role of software bills of materials (SBOMs) amidst tightening global regulations.

The post Navigating new regulations and the role of SBOMs in software security appeared first on Security Boulevard.

In a recent podcast interview with Cybercrime Magazine's host, David Braue, Scott Schober, Cyber Expert, Author of "Hacked Again," and CEO of Berkeley Varitronics Systems, discusses the July 2024 CrowdStrike outage, explaining what happened and more. 

The post Microsoft-CrowdStrike Outage Explained appeared first on Security Boulevard.

A fully open model — one where the training data is available for inspection and modification — provides a means for addressing another threat: malicious or accidentally bad training data.

The post Why NTIA Support of Open-Source AI is Good for Security appeared first on Security Boulevard.

According to Nearly 300 Security Practitioners One of the best ways to proactively protect your organization is through threat hunting....

The post The Evolution of Threat Hunting appeared first on Security Boulevard.

Snyk and Snowflake have allied to make it simpler for cybersecurity teams to analyze the security posture of their IT environments using data hosted in the cloud.

The post Snyk Allies With Snowflake to Improve Data Security appeared first on Security Boulevard.

The slow adoption of SaaS security could catch organizations off guard because SaaS operates at a different pace than traditional software.

The post SaaS Security: Are You Moving Fast Enough? appeared first on Security Boulevard.

Is the network defendable? This serious question is often conveniently left unasked because the answer is uncomfortable. On June 3, 1983, the day before I graduated from high school, MGM released the movie “War Games”.  For those who never saw the movie, the plot is essentially a teenage hacker accidentally kicks off an AI computer..

The post Is the “Network” Defendable? appeared first on Security Boulevard.

August has seen some of the most eye-opening vulnerabilities surface, catching the attention of security experts across the globe. These aren’t just numbers in a database, they represent real challenges...

The post Top 5 CVEs and Vulnerabilities of August 2024: Key Threats and How to Respond appeared first on Strobes Security.

The post Top 5 CVEs and Vulnerabilities of August 2024: Key Threats and How to Respond appeared first on Security Boulevard.

Recently, Canonical has released security updates to address multiple Vim vulnerabilities in Ubuntu 14.04 ESM. Ubuntu 14.04, codenamed “Trusty Tahr,” reached its end-of-life (EOL) on April 30, 2019. After this date, Canonical stopped providing official updates, including security patches, for this version. However, some users and organizations still rely on older versions like Ubuntu 14.04 […]

The post Ubuntu Patches Multiple Vim Vulnerabilities appeared first on TuxCare.

The post Ubuntu Patches Multiple Vim Vulnerabilities appeared first on Security Boulevard.

We are thrilled to announce the latest enhancement to ARMO Platform: Seccomp Profiles Leveraging eBPF. This feature uses

The post NEW: ARMO Platform Introduces Auto-Generation of Seccomp Profiles appeared first on ARMO.

The post NEW: ARMO Platform Introduces Auto-Generation of Seccomp Profiles appeared first on Security Boulevard.

PALO ALTO, Calif. – September 3, 2024 – TuxCare, a global innovator in enterprise-grade cybersecurity for Linux, today announced it received a CMVP–validated certificate for the AlmaLinux 9.2 kernel and is now on the NIST Active list.    TuxCare’s  Extended Security Updates offering provides a complete set of FIPS-validated AlmaLinux packages required for regulated workloads, […]

The post TuxCare Completes FIPS 140-3 Certification for AlmaLinux 9.2 Kernel appeared first on TuxCare.

The post TuxCare Completes FIPS 140-3 Certification for AlmaLinux 9.2 Kernel appeared first on Security Boulevard.

In the cyberthreat landscape, Qilin ransomware attack has recently been observed stealing credentials in Chrome browsers. Reports claim that these credentials are being acquired using a small set of compromised end points. In this article, we’ll cover how the attack plays  out and the complexities involved with deploying defense mechanisms. Let’s begin! Qilin Ransomware Attack […]

The post Qilin Ransomware Attack Used To Steal Chrome Browser Data appeared first on TuxCare.

The post Qilin Ransomware Attack Used To Steal Chrome Browser Data appeared first on Security Boulevard.

We are excited to announce the release of Goffloader, a pure Go implementation of an in-memory COFFLoader and PE loader. This tool is designed to facilitate the easy execution of Cobalt Strike BOFs and unmanaged PE files directly in memory without writing any files to disk. Goffloader aims to take functionality that is conventionally within […]

The post Introducing Goffloader: A Pure Go Implementation of an In-Memory COFFLoader and PE Loader appeared first on Praetorian.

The post Introducing Goffloader: A Pure Go Implementation of an In-Memory COFFLoader and PE Loader appeared first on Security Boulevard.

Reading Time: 5 min Secure your domain with our expert DMARC provider and management services. Enjoy seamless DMARC management, continuous monitoring, and tailored solutions.

The post The Role of Digital Adoption in Email Deliverability & Security appeared first on Security Boulevard.

Navigating the world of SOC 2 compliance can seem daunting for startups. This article breaks down the complexities, explaining what SOC 2 is, why it's important, and how your startup can achieve and maintain compliance without breaking the bank or slowing down growth.

The post Demystifying SOC 2 Compliance for Startups: A Simple Guide appeared first on Security Boulevard.