In this monthly post, we try to make you aware of five different security related products. This is a repost from my personal website Ulyaoth. This month we have chosen for the following: * IBM QRadar * Snyk * Haven * HashiCorp Vault * Nikto IBM QRadar Information from the IBM Qradar website: QRadar Community […]
This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT). Microsoft announced a bug in the Internet Information Services (IIS) where malicious HTTP/2 packets would consume 100% CPU until restarted. Microsoft have published patches that would allow a MS IIS administrator to mitigate this […]
This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT). On November 30, 2018. nccgroup disclosed CVE-2018-12404, CVE-2018-19608, CVE-2018-16868, CVE-2018-16869, and CVE-2018-16870. These were from vulnerabilities found back in August 2018 in several TLS libraries. Read more Top 5 Security News MacOs Zero-day exposes […]
True to tradition, Basefarm’s Head of Security Operation has looked deep into his crystal ball to see what the new year holds. Here are 8 security trends to look out for in 2019. 1. Workforce gap necessitates different solutions According to the (ISC)2 organisation, we have a shortage of three million cybersecurity professionals. Without the […]
This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT). With billions of user credentials being freely distributed online it’s high time to implement multi-factor authentication as the default way to authenticate. Wired has written an article about the magnitude of leaks: “Earlier this […]
All types of outsourcing of IT services, whether it’s to a local service provider or a global hyperscale cloud provider, have this in common: You can outsource a business process, but you cannot outsource the ownership of your business’s risk. That is why most companies that outsource must find ways to ensure their service providers […]
This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT). “A massive government data belonging to the Oklahoma Department of Securities (ODS) was left unsecured on a storage server for at least a week, exposing a whopping 3 terabytes of data containing millions of […]
This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT). Government Communications Headquarters (GCHQ), the UK’s counterpart to the National Security Agency (NSA), has fired the latest shot in the crypto wars. In a post to Lawfare titled Principles for a More Informed Exceptional Access Debate, […]
In this monthly post, we try to make you aware of five different security related products. This is a repost from my personal website Ulyaoth. This month we have chosen for the following: * Elastic Stack * Security Onion * Wireshark * Cuckoo * BeEF Elastic Stack Information from the Elastic Stack website: Threats don’t […]
This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT). The European Commission decided to launch its bug bounty initiative, the Free and Open Source Software Audit (FOSSA) project. Starting in January, the European Commission is going to fund bug bounty programs for a […]