SANS Institute | Breaking Cybersecurity News | The Hacker News

In today's fast-evolving digital landscape, cybersecurity has become a cornerstone of organizational resilience. As cyber threats grow increasingly sophisticated, the demand for skilled cybersecurity professionals has never been higher. Whether you're a seasoned cyber professional or just starting your journey , signing up for the GIAC Newsletter ensures you're always informed and equipped for the evolving landscape of cybersecurity. One of the most effective ways to demonstrate expertise in this critical field is through cybersecurity certifications. These credentials serve as a benchmark for skills and knowledge, differentiating candidates in a competitive job market and validating their commitment to the field. Moreover, the financial benefits, such as salary increases and promotions, make certifications a strategic investment in one's career.  Industry Standards: The Benchmark of Skills and Knowledge Certifications are widely recognized by employers as a reliab...

As cloud infrastructure becomes the backbone of modern enterprises, ensuring the security of these environments is paramount. With AWS (Amazon Web Services) still being the dominant cloud it is important for any security professional to know where to look for signs of compromise. AWS CloudTrail stands out as an essential tool for tracking and logging API activity, providing a comprehensive record of actions taken within an AWS account. Think of AWS CloudTrail like an audit or event log for all of the API calls made in your AWS account. For security professionals, monitoring these logs is critical, particularly when it comes to detecting potential unauthorized access, such as through stolen API keys. These techniques and many others I've learned through the incidents I've worked in AWS and that we built into SANS FOR509 , Enterprise Cloud Forensics.  1. Unusual API Calls and Access Patterns A. Sudden Spike in API Requests One of the first signs of a potential security breach is ...

Vulnerability Management (VM) has long been a cornerstone of organizational cybersecurity. Nearly as old as the discipline of cybersecurity itself, it aims to help organizations identify and address potential security issues before they become serious problems. Yet, in recent years, the limitations of this approach have become increasingly evident.  At its core, Vulnerability Management processes remain essential for identifying and addressing weaknesses. But as time marches on and attack avenues evolve, this approach is beginning to show its age. In a recent report, How to Grow Vulnerability Management into Exposure Management (Gartner, How to Grow Vulnerability Management Into Exposure Management, 8 November 2024, Mitchell Schneider Et Al.), we believe Gartner® addresses this point precisely and demonstrates how organizations can – and must – shift from a vulnerability-centric strategy to a broader Exposure Management (EM) framework. We feel it's more than a worthwhile read an...

The Immersive Experience Happening This September in Las Vegas! In an era of relentless cybersecurity threats and rapid technological advancement, staying ahead of the curve is not just a necessity, but critical. SANS Institute, the premier global authority in cybersecurity training, is thrilled to announce Network Security 2024 , a landmark event designed to empower cybersecurity professionals with groundbreaking skills, knowledge and insights. Taking place from September 4-9, 2024, at Caesars Palace in Las Vegas and online, this event promises to deliver unparalleled learning experiences and networking opportunities. ensuring accessibility for attendees across the globe. A transformative highlight of this year's event includes AI-focused keynote led by Daniel Miessler, Founder of Unsupervised Learning and Creator of Fabric AI. In his keynote, "How to Run Your Security Program Using AI Before Someone Else Does," Daniel will explore how AI can be seamlessly integrated i...

Enterprise Resource Planning (ERP) Software is at the heart of many enterprising supporting human resources, accounting, shipping, and manufacturing. These systems can become very complex and difficult to maintain. They are often highly customized, which can make patching difficult. However, critical vulnerabilities keep affecting these systems and put critical business data at risk.  The SANS Internet Storm Center published a report showing how the open-source ERP framework OFBiz is currently the target of new varieties of the Mirai botnet. As part of its extensive project portfolio, the Apache Foundation supports OFBiz , a Java-based framework for creating ERP (Enterprise Resource Planning) applications. OFBiz appears to be far less prevalent than commercial alternatives. However, just as with any other ERP system, organizations rely on it for sensitive business data, and the security of these ERP systems is critical. In May this year, a critical security update was releas...

On April 5, 2023, the FBI and Dutch National Police  announced the takedown of Genesis Market , one of the largest dark web marketplaces. The operation, dubbed "Operation Cookie Monster," resulted in the arrest of 119 people and the seizure of over $1M in cryptocurrency. You can read the FBI's warrant  here  for details specific to this case. In light of these events, I'd like to discuss how OSINT can assist with dark web investigations. The Dark Web's anonymity attracts a variety of users, from whistleblowers and political activists to cybercriminals and terrorists. There are several techniques that can be used to try and identify the individuals behind these sites and personas. Technical Vulnerabilities While not considered OSINT, there have been instances when technical vulnerabilities have existed in the technology used to host dark websites. These vulnerabilities may exist in the software itself or be due to misconfigurations, but they can sometimes revea...

Looking to up your cybersecurity game in the new year? Do not just buy electronics this vacation season, improve your cybersecurity! The end of the year is a great time to re-evaluate your cybersecurity strategy and make some important investments in protecting your personal and professional data. Cyber threats are constantly evolving and becoming more sophisticated, so it's important to stay on top of your security game. Investing in cybersecurity is not just about protecting your business from potential threats. It's also about gaining a competitive edge and earning the trust of your customers. In today's connected world, customers expect companies to prioritize their security. By investing in cybersecurity, you can show your customers that you value their data and their loyalty. One of the best ways to do this is to take advantage of year-end offers from top cybersecurity companies. Many of these companies offer special discounts on their products and services at thi...