Cloud enthusiasts often tout how using a public cloud service provider helps mitigate ransomware attacks. Unfortunately, this is not true by default. Regardless of where files are stored, an attacker can download them, make them inaccessible to the target organization, and demand a payment for restoring their mission-critical data. Why the misconception? The first time most people use "the cloud" is when they use OneDrive, Dropbox, iCloud, Goo...

Join Us for a Critical Webcast on Enhancing Water and Wastewater Utility Security on Thursday, 23 Jan 2025 at 1:00 PM EST.This webcast will dive deep into key findings from the latest survey assessing safety and security challenges in the water and wastewater utility sector. With a particular focus on Industrial Control Systems (ICS), SCADA, and Distributed Control Systems (DCS) used in water treatment and distribution, we’ll explore eme...

SANS Stay Sharp: Jan 2025 (January 21-23, ET) offers short courses designed to equip you with cybersecurity training you can implement immediately. Whether you are new to the industry, looking for a place to start, or are a seasoned professional looking to sharpen particular skills, SANS Stay Sharp training can help you achieve your goal. View the line-up of courses below, and register now to get targeted training designed to help you build sp...

SIEM's complicated evolution has resulted in unsustainable cost increases, scope creep, and the occasional declaration that the product space is essentially dead. Thanks to deep expertise in search and data management, access to OSINT and frontline intelligence, and AI-infused features, Google SecOps demonstrates that the SIEM still has plenty of gas in the tank. Discover how SecOps is ushering in the "SIEM's Third Act" by addressing the limit...

In this workshop, SANS instructor and lead author of SEC565: Red Team Operations and Adversary Emulation, Jean-Francois Maes, will walk the audience through a guided hands-on workshop where common Active Directory Privilege Escalation Attacks are going to be discussed and executed using Empire version 5. Attacks that will be conducted:KerberoastingDCSyncingHopping parent/child trust using SID historyAbusing Unconstrained DelegationAt the end o...

Unlock the full potential of your cybersecurity career at SANS Nashville Winter 2025 (January 13-18, CT), a SANS flagship event. Guided by world-renowned instructors at the forefront of the field, this event provides exclusive access to live industry experts, ensuring you stay ahead of the curve. Immerse yourself in a learning environment that features industry-leading hands-on labs, simulations, and exercises, all geared towards practical app...

Get ready to deep dive into the all-new SANS SEC587 Advanced Open-Source Intelligence course, where 20 new labs and enhanced content redefine the landscape of OSINT training. This overhaul includes content on Russian and Chinese OSINT, cutting-edge audio analysis powered by AI, and timely new sections on cryptocurrency and drone detection, among others. We'll also look at how SEC587 complements SEC497 Practical OSINT, positioning you to unlock...

The classic way to make a massive difference with technology, or “Dent in The Universe,” is via a startup. We can define a startup as a company with high growth possibilities that is innovative and potentially disruptive. This describes most startups in the infosec space. Also, essentially every startup has a strong technology component today and infosec concerns. This translates to lots of startup opportunities for infosec profess...

This webcast, led by James Tarala, Senior Faculty at the SANS Institute and Managing Partner at Cyverity, is designed to empower small businesses with the knowledge and resources they need to effectively manage cybersecurity risks without breaking the bank. In today's fast-paced digital world, small businesses often face the daunting challenge of securing their operations from cyber threats while working with limited budgets and resources. Thi...

Discover the covert world of wireless network exploitation in our webcast on the "Nearest Neighbor Attack," as recently detailed by Volexity. This attack leverages nearby Wi-Fi networks for covert access, weaponizing proximity in an innovative and stealthy way. Join us as we explore how these techniques have long been a part of advanced wireless exploitation. As instructors and authors for the SANS SEC617: Wireless Penetration Testing and Ethi...