Blog

Joint PCI security and CSA guidance on scoping cloud environments

24.Aug.2021

Sergio Loureiro, Cloud Security Product Director

As organizations move their infrastructure to the cloud, payment data are being exposed unknowingly leading to high profile data breaches. Find out how the new guidance from PCI Security Standards Council (PCI SSC) and Cloud Security Alliance (CSA) can help protect your cardholder data in the cloud.

Insights about All World Cards and the published 1M credit cards

12.Aug.2021

Blueliv, an Outpost24 company

“All World Cards” is a new underground card shop created at the end of May 2021. The card shop went quite unnoticed until it caught the attention of the cybercriminal underground and the cybersecurity industry on August 2, 2021, by making publicly available one million compromised cards totally free of charge. All World Cards has currently listed for sale more than 2,7 million compromised cards.

Mapping the Attack Surface for Insurance Applications

02.Aug.2021

Stephane Konarkowski & Nicolas Renard, Presales Managers at Outpost24

As insurance organizations look to attract and engage customers, the growing use of web applications has increased their cyber exposure and the risks of cyberattacks. In this benchmark study, we analyzed the attack surface of the top 10 insurers in Europe to highlight the common attack vectors and security weaknesses that could be exploited – from page creation method to vulnerable components – and our top tips for reducing web application security risks.

Use of Initial Access Brokers by Ransomware Groups

28.Jun.2021

Beatriz Pimenta and Lidia López, Blueliv labs, an Outpost24 company

Initial Access Brokers (IABs) are financially motivated threat actors that profit through the sale of remote access to corporate networks in underground forums, like Exploit, XSS, or Raidforums. The type of accesses offered are mostly Remote Desktop Protocol (RDP), Virtual Private Network (VPN), web shells, and remote access software tools offered by companies such Citrix, Pulse Secure, Zoho, or VMware. However, threat actors are also selling information and tools to perform intrusions into companies through SQL injections, remote code execution (RCE) exploits, and other vulnerabilities.

Zero Trust Architecture (ZTA) within LEXIS

23.Jun.2021

Frédéric Donnat, Cloud Technical Architect

To ensure Outpost24 stays at the forefront of cybersecurity technology we conduct regular research into new innovations, and LEXIS High Performance Computing (HPC) is one of them. Outpost24 was instrumental in contributing and providing the “Security-By-Design” and “Zero-Trust” principles to creating the secure LEXIS Cloud-HPC-Big Data platform, and in this blog we explore the zero-trust fundamentals for which the LEXIS portal has been designed.

ITV #CISO on building a security culture and managing risk

02.Jun.2021

Bob Egner, Head of Product, Outpost24

We sat down with our customer - Deputy Group CISO at ITV, Jaspal Jandu who offers a practical view of today’s cybersecurity challenges including digital transformation, vulnerability management, risk prioritization and building a security culture from within.

What’s new and changed in CIS CSC version 8 – IG1

21.May.2021

Martin Jartelius, CSO, Outpost24

On May 18th 2021, the Center for Internet Security (CIS) released version 8 of the Critical Security Controls (CSC) - a business and technology agnostic set of recommendations that all organizations should consider and follow to prevent the most prevalent and dangerous attacks. In this blog series we discuss the ins and outs of the new guidance to get you up to speed with v8.

What is API Security and how to protect them

20.May.2021

APIsec

APIs are a key part of modern web application development transforming how organizations build, manage, and scale their web and mobile services. In this blog we discuss why APIs are the new web application security, highlighting the growing challenges of API security risks and sharing best practices for preventing API attacks.

The most critical vulnerabilities right now

12.May.2021

Blueliv, an Outpost24 company

We may not yet be at the halfway point of 2021 but, over the course of the past 4 and a half months, We have already observed over 4,900 critical CVEs spanning widely used products from global vendors such as Panasonic, Cisco, Microsoft, and of course SolarWinds. It is clear that threat actors are still capitalizing on scattered, remote workforces, as evidenced in the platforms they are exploiting (Cisco Small Business, SAP Commerce Cloud).

An In-Depth analysis of the new Taurus Stealer

07.May.2021

Blueliv, an Outpost24 company

Most of the changes from earlier Taurus Stealer versions are related to the networking functionality of the malware, although other changes in the obfuscation methods have been made. In the following pages, we will analyze in-depth how this new Taurus Stealer version works and compare its main changes with previous implementations of the malware.