Technology is essential to modern business operations, but cybersecurity risks and data exposure threats come with that. Thankfully, a virtual chief information security officer (vCISO) can bring comprehensive strategic and operational leadership to security for companies that can only afford a part-time person in an executive cybersecurity role. Amid today’s industry-wide shortage of skilled security workers, vCISO could be the best option for finding and retaining critical security leadership.
Topics: Information Security, Data Protection, Personal Data Protection
How to Choose the Best SIEM System: 5 Things to Consider
Security information and event management, or “SIEM,” is a tool that assimilates all of your log data to give you an all-encompassing overview of the activity on your network. SIEM tools watch over your network and help you stop trouble in its tracks. Whether your organization has 200 or 20,000 employees, SIEM software can be a vital part of any company’s cybersecurity posture.
Topics: Cybersecurity, Network Security, SIEM, Monitoring
As a cybersecurity engineer and an unapologetically enthusiastic “web guy,” I have both a personal and professional interest in finding new exploitation methods. Recently, I found an interesting and creative way to control a browser by exploiting a cross-site scripting (XSS) vulnerability. I learn by doing, so I executed the concept to see it work in practice. Without spoiling too much, I was very pleased with the results! This attack uses nothing more than Netcat and some clever XSS injection code. For those unfamiliar with Netcat, it’s a networking utility that reads and writes data across network connections.
Topics: Network Security, Data Protection, Penetration Testing, hacking
In today’s fast-paced and remote workforce, establishing a secure remote connection is critical to conduct safe and efficient remote work. Securing this connection can be as simple as creating a jump box to access a network or device. This method allows for secure external access to internal resources without using custom firewall rules. Although there are several ways to initiate this connection, the one we’ll discuss here uses a reverse SSH tunnel through a jump box. The reverse connection process is more secure than the standard connection process, and it is the preferred option for connecting to sensitive remote devices.