Collaborate Disseminate
Remember when ransomware operators promised last year not to attack hospitals under siege from COVID-19? Unfortunately, that didn’t happen: hospitality, entertainment, and retail locations were all shut down as COVID-19 spread, leaving ne’er-do-w… Continue reading Hackers are leveling up and catching healthcare off-guard
IT decision-makers often find themselves stuck between a rock and a hard place when it comes to dealing with ransomware attacks. Do they pay a large sum of money to cybercriminals in the hopes of regaining access to their systems and data at the risk o… Continue reading Dealing with ransomware attacks: What options do you have?
While it’s true that threat hunting, incident response, and threat research all have their foundations in science (operating system theory and architecture, computer language and compilation, protocols, hardware and memory architecture, logic, etc.), t… Continue reading Cyber investigations, threat hunting and research: More art than science
Cybersecurity researchers that publicize exploit code used in cyberattacks are giving a clear and unequivocal advantage to attackers, new research conducted by Kenna Security and Cyentia Institute has found. “This data-driven research, built over the c… Continue reading When exploit code precedes a patch, attackers gain a massive head start
Cybersecurity is an undisputed concern within any industry – but how are organizations and businesses using the security data and information they collect to best ensure their businesses are protected from cyber threats? Threat hunting context Accordin… Continue reading Why threat hunting is obsolete without context
Enterprises and end-users are constantly reminded of the dangers associated with clicking on unknown links and documents. Images rarely top the list as would-be vulnerabilities, but it’s important to be cautious of these potentially risky files as well… Continue reading A picture is worth a thousand words, but to hackers, it’s worth much more
In 2020, attacks against Windows Remote Desktop Protocol (RDP) grew by 768%, according to ESET. But this shouldn’t come as a surprise, given the massive increase in people working remotely during the pandemic. With enterprises resorting to making RDP s… Continue reading Defending against Windows RDP attacks
In the wake of the Microsoft Exchange ProxyLogon zero-day and F5 BIG-IP security exploits earlier this year, many are questioning if and when should researchers publish proof of concepts for vulnerabilities and associated patches. Hafnium hackers were … Continue reading Is it OK to publish PoC exploits for vulnerabilities and patches?
It has become a mantra for businesses targeted by hackers to describe the incident as a “sophisticated cyber-attack”. Although true in some instances, the reality is that most cyber-attacks involve the use of easily preventable tactics including phishi… Continue reading Defeating typosquatters: Staying ahead of phishing and digital fraud
Training to increase employees’ security awareness and change risky behaviours among end users is important, particularly as the future workplace will be hybrid and many professionals will still be working remotely. After all, you don’t want your emplo… Continue reading Secure your cloud: Remove the human vulnerabilities