Shailendra Upadhyay has been in-charge of the implementation of SaaS (security-as-a-service) to identify any incident reported on the internet at any given point of time. He also helped deploy a centralized patch management solution that assists in managing all OS patches automatically.
Meetali Sharma conducted an internal risk assessment with respect to the security standards, identified gaps, and made numerous changes within the environment. This included physical segregation, VLAN segmentation, dual factor authentication, policy alignment, and employee trainings.
At Aditya Birla Sun Life Insurance, Rajesh Shetty set up a deep security virtual patching for servers and an ENS, active response and threat intelligence, for advanced protection of its servers and end points.
With Meltdown and Spectre variants still on the map, another security vulnerability has emerged that affects Intel processors’ speculative execution technology.
From taming the DevOps beast to building a highly resilient architecture, Gerald Beuchelt, CISO at LogMeIn shares his strategy to thrive in the rapidly changing threat landscape.
Malware authors are continuously experimenting and employing new tactics to disguise their malware into email attachment. The key objective is to make the email look “normal” and “non-suspicious”, which will prompt the recipient to open the attachment without any suspicion.
This paper outlines the usage of FuzzBunch exploit framework, details of MS17-010 patch, and insights into the EternalBlue Exploit and DoublePulsar payload. In addition to these, this paper also puts together the detection statistics of EternalBlue exploit after its inception in May, in various campaigns till date.
Attacks based on exploits are considered to be very powerful, as they do not require any additional interactions with the user and can deliver their dangerous code discreetly.