These days it’s not a matter of if you’ll be targeted in a phishing attack but when.
Use this detailed how-to guide from CompTIA to plan and execute your company’s diversity and inclusion efforts.
With each issue packed full of powerful news, reviews, analysis, and advice targeting IT channel professionals, ChannelPro-SMB will help you cultivate your SMB customers and run your business more profitably.
Vulnerabilities in network components, architecture files, and developer tools have become increasingly popular attack vectors to gain access into secure networks and devices. External tools and products that are managed by vendors and developers can pose a security risk, especially to targets in sensitive industries.
|
The National Institute of Standards and Technology (NIST) has finalized a report, first published in draft form in May, that reviews the scientific foundations of forensic methods for analyzing computers, mobile phones and other electronic devices. |
NIST has published NIST Internal Report (IR) 8409, Measuring the Common Vulnerability Scoring System Base Score Equation
As organizations increase their coverage of multifactor authentication (MFA), threat actors have begun to move to more sophisticated techniques to allow them to compromise corporate resources without needing to satisfy MFA. Recently, the Microsoft Detection and Response Team (DART) has seen an increase in attackers utilizing token theft for this purpose.
NIST has published Special Publication (SP) 800-215, Guide to a Secure Enterprise Network Landscape.
Business impact analyses (BIAs) have been traditionally used for business continuity and disaster recovery (BC/DR) planning to understand the potential impacts of outages that compromise IT infrastructure. However, BIA analyses can be easily expanded to consider outages related to cyber risks and issues attributable to confidentiality and integrity.
