Security Boulevard

Why is Advanced Secrets Security Essential in Today’s Cloud-Based Ecosystem? Could advanced secrets security be the key to mitigating these risks and ensuring robust data protection? Understanding Non-Human Identities (NHIs) and Their Role in Cybersecurity Non-Human Identities (NHIs) represent machine identities used in cybersecurity. They are key components in any security system, particularly those in […]

The post Relieved by Advanced Secrets Security? appeared first on Entro.

The post Relieved by Advanced Secrets Security? appeared first on Security Boulevard.

Is Your IAM Process Providing the Security Your Organization Needs? It has become increasingly essential for businesses to rethink and reimagine their Identity and Access Management (IAM) processes. The question arises, is your IAM strategy adequately built to handle the onslaught of cyber threats? Does it provide you the reassurance of robust protection of your […]

The post Reassured by Your IAM Processes? appeared first on Entro.

The post Reassured by Your IAM Processes? appeared first on Security Boulevard.

Why is Proactive NHIDR Critical in Security Planning? It’s no longer sufficient to be reactive; the key lies in being proactive, particularly when it comes to Non-Human Identity and Detection Response (NHIDR) plans. With the growing complexity and volume of NHIs, companies can no longer afford to ignore this integral component of security strategy. Now, […]

The post Proactive Measures in Your NHIDR Plans? appeared first on Entro.

The post Proactive Measures in Your NHIDR Plans? appeared first on Security Boulevard.

Learn your role in protecting employees against stalking threats and how to strengthen your workplace violence prevention strategy accordingly An employee is being stalked by someone, either known or unknown to them. Although most of the stalking occurs outside of work, the predictable nature of work hours and location leaves the employee feeling unsafe when…

The post How to Ensure Workplace Safety for Employees Experiencing Stalking appeared first on Ontic.

The post How to Ensure Workplace Safety for Employees Experiencing Stalking appeared first on Security Boulevard.

Author/Presenter: Randi Tinney

Our sincere appreciation to DEF CON, and the Authors/Presenters for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel.

Permalink

The post DEF CON 32 – From Theory To Reality Demonstrating The Simplicity Of SPARTA Techniques appeared first on Security Boulevard.

2 min readThis certification validates our ongoing commitment to protecting customer data and maintaining rigorous security controls.

The post Aembit Earns SOC 2 Type II Recertification for Ongoing Security and Compliance appeared first on Aembit.

The post Aembit Earns SOC 2 Type II Recertification for Ongoing Security and Compliance appeared first on Security Boulevard.

via the comic humor & dry wit of Randall Munroe, creator of XKCD

Permalink

The post Randall Munroe’s XKCD ‘Scream Cipher’ appeared first on Security Boulevard.

The post Enterprise Privacy Management with Feroot AlphaPrivacy AI: Implementation Guide appeared first on Feroot Security.

The post Enterprise Privacy Management with Feroot AlphaPrivacy AI: Implementation Guide appeared first on Security Boulevard.

Employment screening company DISA says data of 3.3 million people was exposed in a data breach lasts year, prompting AppOmni CSO Cory Michal to say that data collection companies like DISA and National Public Data need more oversight, regulations, and penalties.

The post DISA Breach Highlights Need for Stronger Oversight: AppOmni CSO appeared first on Security Boulevard.

Discover all of the exciting events you can find us at this March and April!

The post Spring 2025 Events Spotlight appeared first on Security Boulevard.

Lock Out Hackers: Why Every School Needs Strong Passwords We recently hosted a live webinar to help kick off 2025, encouraging you to strengthen your school district’s cybersecurity and online safety systems. This webinar featured two expert K-12 guest panelists: Skip Cooley, Director of Technology at Clinton School District, and Tyler Derickson, Cybersecurity & Systems ...

The post Lock Out Hackers: Why Every School Needs Strong Passwords appeared first on ManagedMethods Cybersecurity, Safety & Compliance for K-12.

The post Lock Out Hackers: Why Every School Needs Strong Passwords appeared first on Security Boulevard.

Author/Presenter: Angelina Tsuboi

Our sincere appreciation to DEF CON, and the Authors/Presenters for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel.

Permalink

The post DEF CON 32 – How I Developed A Low Cost Raspberry Pi Based Device For ADS B Spoof appeared first on Security Boulevard.

Discover how JSON Web Tokens (JWT) revolutionize web authentication. This guide covers everything from basic concepts to advanced security measures, helping you implement secure, scalable authentication in modern applications.

The post Understanding JWT: From Basics to Advanced Security appeared first on Security Boulevard.

In an increasingly adversarial threat landscape, software security can't be just one more checkpoint on the road to your next release. It should be integral to how every member of your development team works, from developers and DevOps professionals to quality assurance testers and project managers. As your organization faces increasingly sophisticated threats, a security-minded development team has evolved from a "nice-to-have" into a business imperative.

The post Building a security-minded development team: DevSecOps tools and SDLC best practices appeared first on Security Boulevard.

Sophisticated OT threats, like living-off-the-land (LotL) attacks, exploit identity vulnerabilities to infiltrate critical infrastructure. Find out how robust identity security and unified exposure management can help you detect, prioritize and mitigate risks across IT and OT environments.

The attack surface that today’s security leaders have to defend is growing at an unprecedented rate, and the situation is particularly challenging for organizations managing critical infrastructure: almost 70% of cyber attacks in 2023 targeted critical infrastructure, according to IBM’s “X-Force Threat Intelligence Index 2024” report. What was once a manageable task of protecting a defined network perimeter has transformed into a complex challenge of securing a vast, interconnected web of cyber-physical systems – IT, operational technology (OT), internet-of-things (IoT) devices, and more. These devices and their associated networks are under increasing pressure from sophisticated threat actors, who are leveraging advanced techniques such as living-off-the-land (LotL) attacks to infiltrate critical infrastructure networks.

LotL techniques are especially dangerous in OT networks because they usually house “insecure by design” legacy and unmanaged systems that may not support the latest patches or cannot be easily upgraded without affecting operations. Additionally, these OT networks may share resources or trusted zones with IT environments. These two elements create an ideal landscape for attackers to move laterally and undetected between IT and OT networks.

Advanced attack techniques blur the boundaries between historically separate security domains

Operational technology (OT) refers to the hardware and software systems that monitor and control physical devices, processes and events in environments such as industrial operations, building facilities, energy and water infrastructure, data centers and transportation systems. Unlike IT, which focuses on data and information, OT systems interact directly with the physical world. 

LotL attacks and similar modern attack strategies exploit legitimate, trusted applications pre-installed on many devices that control OT devices, as well as credentials within a system to avoid traditional detection methods. Rather than deploying new malware, these attacks rely on exploiting tools that are already present in the breached network.

 

 

With legacy OT systems often lacking detailed logging or monitoring of user activities, attackers target over-privileged accounts to perform critical actions like modifying system configurations, disabling security controls or accessing sensitive data using legitimate permissions. This allows them to evade traditional IT-based security tools that rely on identifying malicious software and that are separate from the OT environment.

Common LotL tactics include:

• Misusing legitimate tools: Attackers leverage tools pre-loaded onto operating systems such as Certutil, Ntdsutil and XCOPY to achieve their goals while masking as regular system activity.
• Hands-on-keyboard attacks: Human attackers directly manipulate compromised systems instead of relying on automated or programmed tools to evade detection by common security tools, such as endpoint detection and response (EDR).

These techniques are particularly dangerous in OT environments, where: 

• Legacy systems may lack robust logging and monitoring capabilities, and may share resources or trusted zones with IT. 
• Shared or default accounts make it difficult to track user activity and identify unauthorized access. 

These conditions result in an ideal landscape for attackers to move laterally across IT and OT undetected.

Case in point: The Volt Typhoon group

The state-sponsored Chinese hacking group Volt Typhoon (first identified in May 2023), exemplifies the threat posed by LotL attacks. The group targeted critical infrastructure organizations in the U.S., including in the energy, communications and maritime sectors, using legitimate tools and native Windows commands to avoid detection. By exploiting existing system tools like PowerShell and WMI and not using malware, Volt Typhoon seeks to evade traditional defenses. Its focus on credential harvesting and maintaining persistent access highlights the importance of securing identities as a cornerstone of OT security, alongside robust OT network monitoring and configuration change tracking.

Identity security: the missing ingredient for securing cyber-physical systems

Understanding what assets you have and the vulnerabilities associated with them helps ensure you are closing your exposure to stop attackers from getting a foothold in the first place. Attackers typically exploit identity and access systems—especially Microsoft’s Active Directory, a common entry point and target—to escalate privileges, maintain access and execute their strategies. Other common identity exploits that can impact OT systems include shared credentials, default passwords and lack of multi-factor authentication. 

Effective OT security requires a holistic approach that prioritizes identity security. Such an approach helps you:

• Understand your assets: By identifying and assessing vulnerabilities across your OT environment, you can prevent attackers from gaining a foothold.
• Monitor for anomalies: This allows you to monitor credential usage for unusual activity, such as logins from unexpected locations or outside of normal work hours.
• Limit privilege escalation: Proactively identifying privileged accounts and enforcing least privilege policies helps you restrict access to sensitive resources, even if an account is compromised.
• Harden AD: Given attackers’ focus on AD, it’s key for you to regularly audit AD for misconfigurations and enforce strong access controls. Consider dedicated AD domains for OT environments for enhanced security.
• Identify attack paths: Using exposure management tools can help you identify potential attack paths involving compromised identities and OT assets, allowing for proactive intervention. 

Closing the gap with exposure management

The role of the CISO continues to evolve in parallel with today’s expanding threat landscape. No longer limited to safeguarding traditional IT environments, security leaders find themselves increasingly responsible for securing OT environments, along with cloud infrastructures, mobile devices, IoT and smart devices, advanced AI systems and shadow IT assets. Each component introduces vulnerabilities, making comprehensive security more difficult.

Securing an organization today requires a far-reaching approach – it’s no longer sufficient to rely on basic defenses. Instead, security leaders must address a continuously shifting environment where attackers use sophisticated techniques and exploit diverse entry points.

However, siloed security tools fail to provide a comprehensive view of the entire attack surface. Such fragmented solutions for security make it difficult for security teams to collaborate across IT and OT to identify risky connections that enable attackers to gain initial access, move laterally across the network and escalate privileges.

The Tenable One Exposure Management Platform offers a unified solution to address this challenge by providing security teams with a set of critical capabilities:

• Complete attack surface visibility, which gives you insights across the modern attack surface, including OT, IoT, and IT assets
• Prioritized risk management, which lets you identify and prioritize the exposures most likely to have a significant impact on critical infrastructure
• Bridging of security silos, which brings together data across Tenable products – including Tenable OT Security and Tenable Identity Exposure – and combines it with third-party data to generate a holistic and real-time view of identities, risks, and configurations
• Attack path visualization, which identifies and closes potential attack paths that allow threat actors to traverse across converged IT and OT environments

 

(Source: Internal Tenable survey, July 2024)

Incorporating identity security and OT security monitoring as part of any security strategy is critical—through real-time monitoring, anomaly detection, privilege controls, and AD hardening to proactively close risk exposures. By adopting a comprehensive exposure management approach, organizations can gain the visibility and context needed to effectively protect critical infrastructure from evolving threats.

To see how Tenable One helps organizations bridge the gap between securing OT and identities, check out this video, where we demonstrate how Tenable’s AI-powered capabilities help you identify likely attack paths and close risky exposures before attackers can exploit them.
 

For a deeper dive into how exposure management helps bolster your security posture, download the whitepaper "Hackers Don't Honor Security Silos: 5 Steps To Prioritize True Business Exposure" and read the blog post "CISA Finding: 90% of Initial Access to Critical Infrastructure Is Gained Via Identity Compromise. What Can You Do About It?"

The post Identity Security Is the Missing Link To Combatting Advanced OT Threats appeared first on Security Boulevard.

The fintech industry has revolutionized the way we manage money, invest, and conduct financial transactions. With the rise of digital banking, mobile wallets, and investment...Read More

The post Biggest Challenges in Developing Fintech Apps & How to Overcome Them appeared first on ISHIR | Software Development India.

The post Biggest Challenges in Developing Fintech Apps & How to Overcome Them appeared first on Security Boulevard.

The Cybersecurity Maturity Model Certification (CMMC) process is just around the corner and is expected by most to go into effect early next year. This is why defense tech companies need to act today to start their compliance journey.

The post It’s Time for Defense Tech Companies to Get Ahead of CMMC Before They Get Left Behind    appeared first on Security Boulevard.

The rise of AI co-pilots is exposing a critical security gap: sensitive data sprawl and excessive access permissions.

Related: Weaponizing Microsoft’s co-pilot

Until now, lackluster enterprise search capabilities kept many security risks in check—employees simply couldn’t find much of the … (more…)

The post GUEST ESSAY: How AI co-pilots boost the risk of data leakage — making ‘least privilege’ a must first appeared on The Last Watchdog.

The post GUEST ESSAY: How AI co-pilots boost the risk of data leakage — making ‘least privilege’ a must appeared first on Security Boulevard.

Starting in Q3 2024, Cofense Intelligence detected an ongoing campaign targeting employees working in social media and marketing positions. In this campaign, marked employees were encouraged to apply to a social media manager position in a Fortune 500 company. Meta, Coca-Cola, PayPal, and other brand name companies were spoofed to send fake job applications to prospects.

The post Job Application Spear Phishing appeared first on Security Boulevard.

How Secure Are Your Cloud Secrets? Is your organization truly protecting its cloud secrets, or are there gaps that might be exploited by malicious cyber actors? Non-Human Identities (NHIs) and Secrets Security Management is emerging as an essential cybersecurity strategy to safeguard these crucial data assets. In this blog post, we delve into the intricacies […]

The post Are Your Cloud Secrets Truly Protected? appeared first on Entro.

The post Are Your Cloud Secrets Truly Protected? appeared first on Security Boulevard.