This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT). On November 30, 2018. nccgroup disclosed CVE-2018-12404, CVE-2018-19608, CVE-2018-16868, CVE-2018-16869, and CVE-2018-16870. These were from vulnerabilities found back in August 2018 in several TLS libraries. Read more Top 5 Security News MacOs Zero-day exposes […]
True to tradition, Basefarm’s Head of Security Operation have looked deep into his crystal ball to see what the new year holds. Here are 8 security trends to look out for in 2019. 1. Workforce gap necessitates different solutions According to the (ISC)2 organisation, we have a shortage of three million cybersecurity professionals. Without the […]
This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT). With billions of user credentials being freely distributed online it’s high time to implement multi-factor authentication as the default way to authenticate. Wired has written an article about the magnitude of leaks: “Earlier this […]
All types of outsourcing of IT services, whether it’s to a local service provider or a global hyperscale cloud provider, have this in common: You can outsource a business process, but you cannot outsource the ownership to your business’s risk. That is why most companies that outsource must find ways to ensure their service providers […]
This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT). “A massive government data belonging to the Oklahoma Department of Securities (ODS) was left unsecured on a storage server for at least a week, exposing a whopping 3 terabytes of data containing millions of […]
This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT). Government Communications Headquarters (GCHQ), the UK’s counterpart to the National Security Agency (NSA), has fired the latest shot in the crypto wars. In a post to Lawfare titled Principles for a More Informed Exceptional Access Debate, […]
In this monthly post, we try to make you aware of five different security related products. This is a repost from my personal website Ulyaoth. This month we have chosen for the following: * Elastic Stack * Security Onion * Wireshark * Cuckoo * BeEF Elastic Stack Information from the Elastic Stack website: Threats don’t […]
This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT). The European Commission decided to launch its bug bounty initiative, the Free and Open Source Software Audit (FOSSA) project. Starting in January, the European Commission is going to fund bug bounty programs for a […]
This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT). The Australian “Telecommunications Assistance and Access Bill 2018,” also known as the Anti-Encryption Bill, was passed on the 6th of December, and it’s expected that it becomes law in early 2019. This new bill […]
You’ve done your homework and decided your company needs a Security Operations Center (SOC) to keep yourself protected and your customers’ data secure. You have a few options available: should you build your own SOC or find a provider for SOC as a service? The benefit of having your own SOC is having your own […]