Enterprise Digital Footprint

Critical “SMBleed” Vulnerability: Why Should You Be Worried?

This blog is contributed by Apoorv Saxena, technical team, FireCompass. At the end of May, a researcher using the pseudonym “chompie” published a tweet that showed a working PoC for CVE-2020-0976 (SMBGhost), expecting a similar disclosure from ZecOps Security. As part of Microsoft's June 2020 patch release on June 9, a ZecOps researcher disclosed a new…

Security Breach Report June 2020

Monthly Breach Report June 2020

This report summarizes the top breaches between mid-May and June 2020, accounting for the major breaches the world has seen. It helps you keep track of the latest hacks and safeguard your organization by looking at the trends. We share insights into the breaches. 1. “Bank Of America (BofA) Data Breach”: Bank Of America…

Maze Ransomware Hits Cognizant

Maze Ransomware Hits Fortune 500 Company Cognizant: What Can We Learn?

It’s not new news, but it’s shocking how large enterprises are becoming victims; these are challenging times. Cognizant (a large Fortune 500 company) was seen notifying customers of a compromise and more details. This ransomware is particularly dangerous as it steals data before encrypting it and then threatens to release it if the…

Learn About SaltStack Vulnerability

SaltStack Advisory (Vulnerability, Impact, Remediation)

This blog was authored by Jitendra Chauhan, Head R&D, FireCompass. SaltStack is a configuration management system. Salt is capable of maintaining remote nodes in defined states. For example, it can ensure that specific packages are installed and that specific services are running. It is also a distributed remote execution system used to execute commands and query data on…

CISO Guide to dealing with stress during COVID19

CISO Guide To Dealing With Stress During Covid 19 Practical Strategies & Tactics

Social distancing, remote working, unstable times, unpredictable futures – we are all battling one or all of these issues in these COVID-19-ridden days. As security professionals, we understand the importance of building a resilient security program which can not only protect but also detect, respond and recover from a security incident. But what about…

Top 12 Talks On ‘Red Teaming & Purple Teaming’ from Security Conferences

We’ve often heard security forums end up in a fiery debate on ‘Red Team’ vs. ‘Purple Team’. So, here we’ve put together some top talks from global security conferences that could help you get the hang of this debated topic: 1. Red Team vs. Blue Team on AWS 2. Red Team View: Gaps in the…

2019 Biggest Breaches: 2019 The “Worst Year On Record” For Breaches

According to research from Risk Based Security, the total number of breaches was up 33% over last year. That’s a whopping 5,183 data breaches for a total of 7.9 billion exposed records, and in November the research firm called 2019 the “worst year on record” for breaches… Not having a real-time view of your dynamic attack surface and…

One Plus Breach – November 2019

Fewer than 3000 OnePlus smartphone users were claimed to be affected by a recent OnePlus data breach. OnePlus is known to have had previous data breaches. Customers are advised to change their password. The leaked data involves name, address, and email. The nature of the data revealed may be used for impersonation and indirect access to other accounts. Recently,…