#1 Trusted Cybersecurity News Platform
Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Cybersecurity

SANS Institute | Breaking Cybersecurity News | The Hacker News

Category — SANS Institute
Detecting AWS Account Compromise: Key Indicators in CloudTrail Logs for Stolen API Keys

Detecting AWS Account Compromise: Key Indicators in CloudTrail Logs for Stolen API Keys

Aug 20, 2024 Cybersecurity / Cloud Security
As cloud infrastructure becomes the backbone of modern enterprises, ensuring the security of these environments is paramount. With AWS (Amazon Web Services) still being the dominant cloud it is important for any security professional to know where to look for signs of compromise. AWS CloudTrail stands out as an essential tool for tracking and logging API activity, providing a comprehensive record of actions taken within an AWS account. Think of AWS CloudTrail like an audit or event log for all of the API calls made in your AWS account. For security professionals, monitoring these logs is critical, particularly when it comes to detecting potential unauthorized access, such as through stolen API keys. These techniques and many others I've learned through the incidents I've worked in AWS and that we built into SANS FOR509 , Enterprise Cloud Forensics.  1. Unusual API Calls and Access Patterns A. Sudden Spike in API Requests One of the first signs of a potential security breach is an u
Unlock the Future of Cybersecurity: Exclusive, Next Era AI Insights and Cutting-Edge Training at SANS Network Security 2024

Unlock the Future of Cybersecurity: Exclusive, Next Era AI Insights and Cutting-Edge Training at SANS Network Security 2024

Aug 08, 2024 Artificial Intelligence / Network Security
The Immersive Experience Happening This September in Las Vegas! In an era of relentless cybersecurity threats and rapid technological advancement, staying ahead of the curve is not just a necessity, but critical. SANS Institute, the premier global authority in cybersecurity training, is thrilled to announce Network Security 2024 , a landmark event designed to empower cybersecurity professionals with groundbreaking skills, knowledge and insights. Taking place from September 4-9, 2024, at Caesars Palace in Las Vegas and online, this event promises to deliver unparalleled learning experiences and networking opportunities. ensuring accessibility for attendees across the globe. A transformative highlight of this year's event includes AI-focused keynote led by Daniel Miessler, Founder of Unsupervised Learning and Creator of Fabric AI. In his keynote, "How to Run Your Security Program Using AI Before Someone Else Does," Daniel will explore how AI can be seamlessly integrated i
NIST Cybersecurity Framework (CSF) and CTEM – Better Together

NIST Cybersecurity Framework (CSF) and CTEM – Better Together

Sep 05, 2024Threat Detection / Vulnerability Management
It's been a decade since the National Institute of Standards and Technology (NIST) introduced its Cybersecurity Framework (CSF) 1.0. Created following a 2013 Executive Order, NIST was tasked with designing a voluntary cybersecurity framework that would help organizations manage cyber risk, providing guidance based on established standards and best practices. While this version was originally tailored for Critical infrastructure, 2018's version 1.1 was designed for any organization looking to address cybersecurity risk management.  CSF is a valuable tool for organizations looking to evaluate and enhance their security posture. The framework helps security stakeholders understand and assess their current security measures, organize and prioritize actions to manage risks, and improve communication within and outside organizations using a common language. It's a comprehensive collection of guidelines, best practices, and recommendations, divided into five core functions: Identify, Protec
Mirai Botnet targeting OFBiz Servers Vulnerable to Directory Traversal

Mirai Botnet targeting OFBiz Servers Vulnerable to Directory Traversal

Aug 02, 2024 Vulnerability / Network Security
Enterprise Resource Planning (ERP) Software is at the heart of many enterprising supporting human resources, accounting, shipping, and manufacturing. These systems can become very complex and difficult to maintain. They are often highly customized, which can make patching difficult. However, critical vulnerabilities keep affecting these systems and put critical business data at risk.  The SANS Internet Storm Center published a report showing how the open-source ERP framework OFBiz is currently the target of new varieties of the Mirai botnet. As part of its extensive project portfolio, the Apache Foundation supports OFBiz , a Java-based framework for creating ERP (Enterprise Resource Planning) applications. OFBiz appears to be far less prevalent than commercial alternatives. However, just as with any other ERP system, organizations rely on it for sensitive business data, and the security of these ERP systems is critical. In May this year, a critical security update was released f
cyber security

Secure Your Network: 40% Face Full Takeover Risk

websitePicus SecurityEndpoint Security / Attack Surface
Understand and address the critical risks in your network to prevent takeovers.
Exploring the Dark Side: OSINT Tools and Techniques for Unmasking Dark Web Operations

Exploring the Dark Side: OSINT Tools and Techniques for Unmasking Dark Web Operations

Jul 19, 2023 Cybersecurity / OSINT
On April 5, 2023, the FBI and Dutch National Police  announced the takedown of Genesis Market , one of the largest dark web marketplaces. The operation, dubbed "Operation Cookie Monster," resulted in the arrest of 119 people and the seizure of over $1M in cryptocurrency. You can read the FBI's warrant  here  for details specific to this case. In light of these events, I'd like to discuss how OSINT can assist with dark web investigations. The Dark Web's anonymity attracts a variety of users, from whistleblowers and political activists to cybercriminals and terrorists. There are several techniques that can be used to try and identify the individuals behind these sites and personas. Technical Vulnerabilities While not considered OSINT, there have been instances when technical vulnerabilities have existed in the technology used to host dark websites. These vulnerabilities may exist in the software itself or be due to misconfigurations, but they can sometimes revea
Best Year-End Cybersecurity Deals from Uptycs, SANS Institute, and Bitdefender

Best Year-End Cybersecurity Deals from Uptycs, SANS Institute, and Bitdefender

Dec 08, 2022 XDR Solution / Endpoint Security
Looking to up your cybersecurity game in the new year? Do not just buy electronics this vacation season, improve your cybersecurity! The end of the year is a great time to re-evaluate your cybersecurity strategy and make some important investments in protecting your personal and professional data. Cyber threats are constantly evolving and becoming more sophisticated, so it's important to stay on top of your security game. Investing in cybersecurity is not just about protecting your business from potential threats. It's also about gaining a competitive edge and earning the trust of your customers. In today's connected world, customers expect companies to prioritize their security. By investing in cybersecurity, you can show your customers that you value their data and their loyalty. One of the best ways to do this is to take advantage of year-end offers from top cybersecurity companies. Many of these companies offer special discounts on their products and services at thi
Expert Insights / Articles Videos
Cybersecurity Resources