Archive for the ‘Threat detection’ Category

What is XDR, MXDR, DRs & SBOM ? – Cybersecurity Acronyms 2023

The field of cybersecurity is rife with acronyms. From AES to VPN, these technical alphabet soup terms have been part of the knowledge of not only cybersecurity experts but also organizations that are planning to buy security solutions or implement security technologies. Enterprise Strategy Group (ESG) has released its 2023 Technology Spending Intentions Survey, and it […]

Leave a Comment

GuLoader Malware Uses Advanced Anti-Analysis Techniques to Evade Detection

An advanced malware downloader named GuLoader has recently been exposed by cybersecurity researchers at CrowdStrike. This advanced downloader has the capability to evade the detection of security software by adopting a variety of techniques. While analyzing the shellcode of GuLoader, a brand-new anti-analysis technique was discovered by CrowdStrike through which researchers would be able to identify if the […]

Leave a Comment

Top cybersecurity threats for 2023

Going into 2023, cybersecurity is still topping the list of CIO concerns. This comes as no surprise. In the first half of 2022, there were 2.8 billion worldwide malware attacks and 236.1 ransomware attacks. By year end 2022, it is expected that six billion phishing attacks will have been launched. SEE: Password breach: Why pop culture and passwords don’t mix (free PDF) (TechRepublic) […]

Leave a Comment

7 critical steps to defend the healthcare sector against cyber threats

While knowing full well that human lives may be at stake, criminal gangs have been increasingly targeting the healthcare sector with high-impact attacks like ransomware. 1. Tighten up email security Healthcare providers should set up numerous layers of defense for a variety of email-borne threats. A good email security solution should be the first layer but will […]

Leave a Comment

Top Cybersecurity Threats for Public Sector

An IRONSCALES survey published in October 2021 shows over 80% of respondents experienced an increase in email phishing attacks since the start of the pandemic. Phishing involves the utilization of legitimate-looking emails to steal the login credentials or other sensitive information of a target organization. While it’s just as much a risk for small and […]

Leave a Comment

Top Cybersecurity Threats for Public Sector

In the private sector, hackers and cybercriminals are prone to leaving organizations with good security infrastructures alone. Because they often go after low-hanging fruit, hacking into a well-protected network is perceived as more trouble than it’s worth. But the public sector is a different matter entirely. The government and government agencies have access to assets […]

Leave a Comment

How to Spot Your Biggest Security Threat? Just Look out for the Humans

As it turns out, it’s not some AI-powered machine learning super virus or pernicious and anonymous cybercrime syndicate. It’s not the latest and greatest in botnets, malware, or spyware either. Sure, these can be scary, and they are worth protecting against. The headlines report the increased volume and velocity of security threats every other day. The […]

Leave a Comment

Million of vehicles can be attacked via MiCODUS MV720 GPS Trackers

Multiple flaws in MiCODUS MV720 Global Positioning System (GPS) trackers shipped with over 1.5 million vehicles can allow hackers to remotely hack them. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) published an advisory to warn of multiple security vulnerabilities in MiCODUS MV720 Global Positioning System (GPS) trackers which are used by over 1.5 million vehicles. An attacker can […]

Leave a Comment

Russia-linked APT29 relies on Google Drive, Dropbox to evade detection

Russia-linked threat actors APT29 are using the Google Drive cloud storage service to evade detection. Palo Alto Networks researchers reported that the Russia-linked APT29 group, tracked by the researchers as Cloaked Ursa, started using the Google Drive cloud storage service to evade detection. The Russia-linked APT29 group (aka SVR, Cozy Bear, and The Dukes) has been active since at least 2014, along […]

Leave a Comment

ENISA released the Threat Landscape Methodology

I’m proud to announce that the European Union Agency for Cybersecurity, ENISA, has released the Threat Landscape Methodology. Policy makers, risk managers and information security practitioners need up-to-date and accurate information on the current threat landscape, supported by threat intelligence. The EU Agency for Cybersecurity (ENISA) Threat Landscape report has been published on an annual […]

Leave a Comment

What Security Engineers Hate About SIEM

SIEM Satisfaction is Mediocre When CISOs, CIOs, CTOs, security engineers, security analysts and security architects were asked to rank the primary capabilities of a traditional SIEM according to how satisfied they were with those capabilities, an interesting picture emerged. The survey results indicated that every primary capability of traditional SIEM solutions, at best, only somewhat […]

Leave a Comment

BEC scammers impersonate CEOs on virtual meeting platforms

The FBI warned US organizations and individuals are being increasingly targeted in BECattacks on virtual meeting platforms The Federal Bureau of Investigation (FBI) warned this week that US organizations and individuals are being increasingly targeted in BEC (business email compromise) attacks on virtual meeting platforms. Business Email Compromise/Email Account Compromise (BEC/EAC) is a sophisticated scam that targets both […]

Leave a Comment

Open-source Threat Intelligence Feeds

Table of Contents InfraGard DHS CISA Automated Indicator Sharing Abuse.ch AlienVault COVID-19 Cyber Threat Coalition Feeds BlockList.de Phishtank Verified Online Url Feeds Proofpoint Emerging Threats Rules The CINS Score SANS Internet Storm Center VirusTotal Cisco Talos Intelligence The Spamhaus Project VirusShare Malware Repository Google Safe Browsing Practical Threat Intelligence and Data-Driven Threat Hunting: A hands-on […]

Leave a Comment

Threat actors abuse public cloud services to spread multiple RATs

Threat actors are actively exploiting public cloud services from Amazon and Microsoft to spread RATs such as Nanocore, Netwire, and AsyncRAT used to steal sensitive information from compromised systems. The malware campaign was spotted by Cisco Talos in October 2021, most of the victims were located in the United States, Italy and Singapore. Threat actors leverages cloud services like […]

Leave a Comment

External attackers can penetrate most local company networks

These are the results of a new research report by Positive Technologies, analyzing results of the company’s penetration testing projects carried out in the second half of 2020 and first half of 2021. The study was conducted among financial organizations (29%), fuel and energy organizations (18%), government (16%), industrial (16%), IT companies (13%), and other sectors. During […]

Leave a Comment

Threat actors are abusing MSBuild to implant Cobalt Strike Beacons

Security expert from Morphus Labs recently observed several malicious campaigns abusing Microsoft Build Engine (MSBuild) to execute a Cobalt Strike payload on compromised machines. MSBuild is a free and open-source build toolset for managed code as well as native C++ code and was part of .NET Framework. It is used for building apps and gives users […]

Leave a Comment

SANS 2021 Top New Attacks and Threat Report

SANS 2021 Top New Attacks and Threat Report Download System Security Threats | Computer Science Posters

Leave a Comment

2022 and the threat landscape: The top 5 future cybersecurity challenges

2022 is going to be a year of building greater resiliency and integrating this into all aspects of business operations. This will require organizations of all levels to review how they are responding to a larger scale of sophisticated threats. To build on the efforts of 2021, CISOs need to address how they can implement […]

Leave a Comment

XDR Defined: Giving Meaning To Extended Detection And Response

The term “extended detection and response” (or XDR) was coined back in 2018, but definitions continue to vary significantly (see one, two, or three, and tell me what XDR actually is -:). There was no reliable, unbiased explanation for what XDR is and how it differs from a security analytics platform, which has led to confusion and disregard from clients who dismiss it as nothing more than yet […]

Leave a Comment

The FBI Is Now Securing Networks Without Their Owners’ Permission

In January, we learned about a Chinese espionage campaign that exploited four zero-days in Microsoft Exchange. One of the characteristics of the campaign, in the later days when the Chinese probably realized that the vulnerabilities would soon be fixed, was to install a web shell in compromised networks that would give them subsequent remote access. Even if the vulnerabilities […]

Leave a Comment