Information Leakage: What you need to Know
Information leakage poses a serious problem for thousands of companies around the world. Many software startups and even large, established enterprise organizations have difficulty ensuring that technical data is kept under lock and key. Problems proliferate with secrets being improperly committed on GitHub repositories and Amazon S3 buckets with poorly improperly configured permissions leaving sensitive […]
Dark Web Monitoring: A Quick Guide
Organizations are concerned about the proliferation of threats on the dark web. Even as cybersecurity budgets have increased dramatically over the past decade, ransomware, phishing and other cyber threats have grown in intensity and frequency. For example, Flare’s Research team identified a surge in ransomware attacks from 2020 to 2021 – a total increase of […]
Digital Risk Protection (DRP) Glossary
We are aware of the information overload and wealth of technical terms that may sometimes be confusing. To make it easier to understand industry terminology, we came up with some definitions of some of the most popular cybersecurity concepts. DRP In its 2020 report titled “Emerging Technologies: Critical Insights in Digital Risk Protection Services,” Gartner […]
The Threat Landscape Post-COVID-19 and How You Can Address It
The Covid-19 pandemic has changed not only our perspective on life and work, but also cybersecurity strategy worldwide. The past nearly two years have prompted a shift to digitalization and extensive cloud migration, raising concerns about data security and integrity. Even before the pandemic started, industry reports had estimated that the market would “grow at […]
Noise Reduction and Prioritisation: One Size Does Not Fit All
One man’s trash is another man’s treasure, what one considers undesirable is likely specific to the listener. Or, at least, that is the unwritten rule in several situations, one of which seems to have so far been the threat landscape monitoring tools industry. The endless war against alert fatigue In the infosec community, talking about […]
How to Mitigate the Risks of Token Leaks
Access tokens are used in token-based authentication and allow users to access a website, an application or API. After verifying their identity, the user has no need to re-enter their credentials for the lifetime of the token, as the token serves as their entry ticket. When they are created, tokens are granted a defined scope […]
How Prepared Are CISOs for Cloud Security Risks?
Since the COVID-19 pandemic started, remote teams have increased reliance on cloud communication and team collaboration services. Although there was interest in cloud adoption far before the pandemic hit, industry research has found that 9 out of 10 organizations have since rushed to adopt cloud services. While this spawns tremendous scalability opportunities, cloud migration may […]
Why your team should be concerned about leaky buckets on the internet
Since its inception in March 2006, AWS cloud storage option, also referred to as S3 (Simple Storage Service), has generated keen interest due to its low maintenance and configuration, high availability and “pay as you go” accessible pricing. Microsoft jumped on the bandwagon by formally launching its own cloud services in 2010, maintaining ever since […]
What kind of data could your PDF files be leaking online?
In the 2003 timeframe leading up to the Iraq war, a British government representative published a Word document on their website, containing information related to “Iraq’s security and intelligence organizations.” This information had been previously referenced by Colin Powel during a United Nations address. When the British dossier was made public, it was revealed the […]
How Long Have You Thought about Backup Management this Month?
We all know we should have backups. It’s not a task we particularly love doing, and it is definitely something that we forget to do unless automated. How many people religiously plugged in their iPhone in their computer to back it up a few years ago, when backups were not sent automatically to the cloud […]
