Threat Research – Page 3 – WindowsTechs.com

Beware of What Is Lurking in the Shadows of Your IT

Posted on December 21, 2022 by John Dwyer

This post was written with contributions from Joseph Lozowski. Comprehensive incident preparedness requires building out and testing response plans that consider the possibility that threats will bypass all security protections. An example of a threat vector that can bypass security protections is “shadow IT” and it is one that organizations must prepare for. Shadow IT […]

The post Beware of What Is Lurking in the Shadows of Your IT appeared first on Security Intelligence.

Continue reading Beware of What Is Lurking in the Shadows of Your IT→

How to Embed Gen Z in Your Organization’s Security Culture

Posted on December 15, 2022 by Claire Nuñez

Generation Z, which Pew Research Center defines as those born after 1996, is considered the first digital-native generation. This group of young people always has the latest technology at their fingertips. Yet even with this strong digital connection, the National Cybersecurity Alliance (NCSA) found that Gen Zers have higher cyber incident victimization rates than previous […]

The post How to Embed Gen Z in Your Organization’s Security Culture appeared first on Security Intelligence.

Continue reading How to Embed Gen Z in Your Organization’s Security Culture→

Critical Remote Code Execution Vulnerability in SPNEGO Extended Negotiation Security Mechanism

Posted on December 13, 2022 by Chris Thompson

In September 2022, Microsoft patched an information disclosure vulnerability in SPNEGO NEGOEX (CVE-2022-37958). On December 13, Microsoft reclassified the vulnerability as “Critical” severity after IBM Security X-Force Red Security Researcher Valentina Palmiotti discovered the vulnerability could allow attackers to remotely execute code. The vulnerability is in the SPNEGO Extended Negotiation (NEGOEX) Security Mechanism, which allows […]

The post Critical Remote Code Execution Vulnerability in SPNEGO Extended Negotiation Security Mechanism appeared first on Security Intelligence.

Continue reading Critical Remote Code Execution Vulnerability in SPNEGO Extended Negotiation Security Mechanism→

RansomExx Upgrades to Rust

Posted on November 22, 2022 by Charlotte Hammond

IBM Security X-Force Threat Researchers have discovered a new variant of the RansomExx ransomware that has been rewritten in the Rust programming language, joining a growing trend of ransomware developers switching to the language. Malware written in Rust often benefits from lower AV detection rates (compared to those written in more common languages) and this […]

The post RansomExx Upgrades to Rust appeared first on Security Intelligence.

Continue reading RansomExx Upgrades to Rust→

What Hurricane Preparedness Can Teach Us About Ransomware

Posted on October 27, 2022 by Mike Silverman

Each year between June and November, many parts of the U.S. become potential targets for hurricanes. In October 2022, we had Hurricane Ian devastate Florida. To prepare for natural disasters like hurricanes, organizations are encouraged to build out and test business continuity, disaster recovery, and crisis management plans to use in the response efforts. Millions […]

The post What Hurricane Preparedness Can Teach Us About Ransomware appeared first on Security Intelligence.

Continue reading What Hurricane Preparedness Can Teach Us About Ransomware→

What Hurricane Preparedness Can Teach Us About Ransomware

Posted on October 27, 2022 by Mike Silverman

The post What Hurricane Preparedness Can Teach Us About Ransomware appeared first on Security Intelligence.

Continue reading What Hurricane Preparedness Can Teach Us About Ransomware→

Charles Henderson’s Cybersecurity Awareness Month Content Roundup

Posted on October 26, 2022 by Charles Henderson

In some parts of the world during October, we have Halloween, which conjures the specter of imagined monsters lurking in the dark. Simultaneously, October is Cybersecurity Awareness Month, which evokes the specter of threats lurking behind our screens. Bombarded with horror stories about data breaches, ransomware, and malware, everyone’s suddenly in the latest cybersecurity trends […]

The post Charles Henderson’s Cybersecurity Awareness Month Content Roundup appeared first on Security Intelligence.

Continue reading Charles Henderson’s Cybersecurity Awareness Month Content Roundup→

What Drives Incident Responders: Key Findings from the 2022 Incident Responder Study

Posted on October 24, 2022 by John Dwyer

Cyberattacks seldom happen when it’s convenient. In fact, it’s relatively common for them to occur on weekends or holidays — threat actors capitalize on the fact that there is fewer staff on site, and those who are there are focused on the coming weekend or time off. It’s also not uncommon for attacks of this […]

The post What Drives Incident Responders: Key Findings from the 2022 Incident Responder Study appeared first on Security Intelligence.

Continue reading What Drives Incident Responders: Key Findings from the 2022 Incident Responder Study→

How to Keep Your Secrets Safe: A Password Primer

Posted on October 20, 2022 by Dustin Heywood

There are two kinds of companies in the world: those that have been breached by unethical hackers, and those that have been breached and don’t know it yet. Hackers are relentless. Today’s cyberattacks have evolved into high-level espionage perpetrated by robust criminal organizations or nation-states. In the era of software as a service (SaaS), enterprise […]

The post How to Keep Your Secrets Safe: A Password Primer appeared first on Security Intelligence.

Continue reading How to Keep Your Secrets Safe: A Password Primer→

Analysis of a Remote Code Execution (RCE) Vulnerability in Cobalt Strike 4.7.1

Posted on October 17, 2022 by Rio Sherri

Command & Control (C2) frameworks are a very sensitive component of Red Team operations. Often, a Red Team will be in a highly privileged position on a target’s network, and a compromise of the C2 framework could lead to a compromise of both the red team operator’s system and control over beacons established on a […]

The post Analysis of a Remote Code Execution (RCE) Vulnerability in Cobalt Strike 4.7.1 appeared first on Security Intelligence.

Continue reading Analysis of a Remote Code Execution (RCE) Vulnerability in Cobalt Strike 4.7.1→