Decoding the Verizon DBIR Report: An Insider’s Look Beyond the Headlines

VMRay Logo 400x120For the past 13 years, Verizon’s “Data Breach Investigations Report” (DBIR) has been the industry’s definitive resource for documenting and benchmarking the global state of cybersecurity. As always, the Verizon DBIR team does an admirable job of sifting through an impressively large data set to tease out the underlying trends that are driving the market.

Continue reading

Government agencies under attack: How a SOC can protect against cyber threats

threatquotient logo 400x160Traditionally, large companies have been the main targets of hackers, as they attract potentially high ransom money. It goes without saying, however, that it is precisely those companies with a lot of capital that strengthen their IT security structures due to this threat. But what does this mean for cyber criminals? They are looking for new victims, with defence systems that are easier to crack and grown IT infrastructures as well as municipal or state funds.

Continue reading

10 Ways Hackers Exploit Passwords and Enterprise Credentials

Rangeforce Logo 400x160Non-compliant and compromised passwords represent some of the weakest links and greatest threats to online security for both individuals and organizations today. Hackers steal credentials for profit using various techniques ranging from online and offline brute force, dictionary, and keylogger attacks to scanning cloud resources for exposed and forgotten credentials left on publicly accessible servers.

Continue reading

From pentesting to red teaming: Security testing solutions compared

picus Logo 2019In our recent blog, What is security testing and why is it important?, we talked about how security testing is one of the single most important jobs an effective security department can do. Without it, security leaders have no way to make informed and pragmatic decisions about the areas of investment they need to prioritize - and no basis on which to make the argument for a bigger security budget.

Continue reading

What Is Spear Phishing?

okta logo 400 colorSpear phishing is a form of cyber attack targeted at a particular person or small set of individuals. In these scams, bad actors research their chosen targets and attempt to convince them to surrender sensitive data or financial information. Spear phishing attacks may also aim to infect user devices with malware, allowing attackers to steal the data they need to carry out further attacks on an organization.

Continue reading

Using Personalized Watermarks to Prevent Data Loss and Aid in Forensics

NC Logo Color 400x160Collaboration tools have provided companies with a lifeboat, allowing employees to work from home in the midst of a pandemic. They make communication, idea sharing and collaboration on documents possible from anywhere. However, it’s that same ease which also make it easy for data misuse or theft to occur due to negligence or malicious intent.

Continue reading

RIPPLE20: FINDING VULNERABLE DEVICES AND DETECTING ATTACKS

ExtraHop logo 400x160kYou've probably heard about Ripple20, but why is it so significant and how will you know if your environment is affected? Ripple20 is a series of recent vulnerabilities discovered by JSOF in devices that contain the Treck networking stack. The Treck stack has been in use in embedded devices for more than twenty years. Hundreds of millions of devices in the industrial controls, networking, transportation, retail, oil and gas, medical, and other fields that use the Treck software are now                                                                        known to be vulnerable to exploits. 

Continue reading

FedRAMP Authorization: Why ‘Moderate’ Matters

cofense logoFedRAMP, the federal program created to assess the security of cloud service providers (CSPs), saves time and cuts costs for U.S. government agencies that would otherwise conduct their own assessments. CSPs are granted authorizations at three impact levels: low (includes low-baseline and low-impact SaaS “li-SaaS”), medium, and high, aligned to the impact levels based on NIST guidelines. While the high-impact level protects the most sensitive government data, the moderate-impact level                                                               meets the needs of many agencies.

Continue reading

INTRODUCING NEW REVEAL(X) 360 INNOVATIONS

ExtraHop logo 400x160kCloud service providers do a great job of delivering on the promise of being able to easily deploy and destroy instances according to need. But for security teams, the ephemeral nature of the cloud expands the attack surface, adds complexity, and has made it difficult to quickly direct resources to where they're needed most—until now.

Continue reading

Ectacom HQ Munich

ectacom GmbH
+49 8102 8952-0
Friedrich-Bergius-Str. 12
D-85662 Hohenbrunn

ECTACOM Vienna

ectacom GmbH
+43 664 42 20 555
Am Europlatz 2
A-1120 Wien

ECTACOM POLAND

ectacom
+48 501 295 580
This email address is being protected from spambots. You need JavaScript enabled to view it.
Warschau