Learn more about data loss prevention software in Data Protection 101, our series covering the fundamentals of data security.

These days, companies are continually falling prey to attacks from thieves who get past their cyber security measures and steal consumer and financial data. They target system vulnerabilities to acquire the information they seek, which is usually cardholder data.Until 2004, there were no set regulations or standards for merchants and vendors to follow for preventing cardholder theft. Major credit...

Comparing and quantifying your cybersecurity posture against peer organizations in the financial sector provides valuable context for how your cybersecurity program performs relative to others in your industry. Digital Defense’s Insight peer comparison report in the Fortra Vulnerability Management platform vulnerability and threat management platform provides actionable and detailed intelligence...

Microsoft Domain Controller “ZeroLogon” VulnerabilityA recent disclosure by Dutch security firm Secura B.V. has highlighted how dangerous a Netlogon vulnerability (CVE-2020-1472) included in the August 2020 Patch Tuesday release can be to a network. To exploit this vulnerability, an attacker with an established foothold in an internal network could exploit the weak cryptographic algorithm used by...

In the battle against cyber adversaries, IT security professionals have to carefully balance competing objectives; protecting business assets and processes while enabling legitimate business operations and initiatives. Maximizing both objectives is challenging, especially in a highly competitive and digitally connected business environment. Far too frequently, sacrifices in cyber defenses and...

When a network or device is compromised, it is critical to respond as quickly as possible in order to minimize the risk to your business. To have an almost instantaneous incident response, you have to do two things: you have to detect the incident immediately and you have to respond immediately. Here we’ll show how combining automated detection with network access control (NAC) can improve...

Slack Desktop Application Remote Code Execution (RCE) Vulnerability A RCE flaw was disclosed on August 31st, 2020, which affects the users of the Windows, Mac OS, and Linux desktop application versions of Slack. Users that click on an HTML injected image, will be redirected to an attacker’s server where a malicious javascript payload will be executed within the Slack application on their local...

Policy alone is rarely enough to influence change. Lasting impact requires buy-in from the organization and is best achieved using a mix of different influence levers.

While pen testing has been around since the 1960s, not all organizations have yet perfected the art of conducting them. In fact, not all companies are taking advantage of them, but that’s a conversation for another time.Below are a few common pitfalls that even experienced security teams fall victim to from time to time.Wrong FrequencyPenetration tests evaluate your security posture at the moment...