
How Zero Trust can stop the catastrophic outcomes of cyberattacks on critical infrastructure
Over the last few years, essential organisations and services that support our society have become increasingly vulnerable to sophisticated cyberattacks. So much so, a recent joint cybersecurity advisory showed that 14 out of the 16 critical national infrastructure...

Hackers for Hire: Adversaries Employ ‘Cyber Mercenaries’
Also known as the Atlantis Cyber-Army, the emerging organization has an enigmatic leader and a core set of admins that offer a range of services, including exclusive data leaks, DDoS and RDP. A for-hire cybercriminal group is feeling the talent-drought in tech just...

Google Chrome Zero-Day Weaponized to Spy on Journalists
Candiru attackers breached a news agency employee website to target journalists with DevilsTongue spyware, researchers say. A zero-day vulnerability in Google Chrome was used by the established spyware group Candiru to compromise users in the Middle East —...

Rethinking Vulnerability Management in a Heightened Threat Landscape
Find out why a vital component of vulnerability management needs to be the capacity to prioritize from Mariano Nunez, CEO of Onapsis and Threatpost Infosec Insiders columnist. Repeated warnings from CISA and the Biden Administration on the Russian cyber threat over...

Detecting Domain Generating Algorithms
How can we prevent malware from communicating with a C&C server? You may think of using a CTI (Cyber Threat Intelligence) feed with a network blacklisting appliance. You may also think about blocking certain protocols or even using a Next-Generation Firewall to...

Attack on HVAC vendor gave threat actor access to Boston Children’s Hospital
If you think about “supply chain attack” and “HVAC,” you will probably immediately think of the headline-making Target breach of 2013. But that wasn’t the only breach via a third-party HVAC vendor. Just this month, several hospitals in Boston may have narrowly...

Is Your Current Cybersecurity Strategy Right for a New Hybrid Workforce?
The global pandemic forced many employees to work from home, and remote working is likely to become a firmly established part of the working routine for employers and employees when it ends. A...

Almost 2,000 Exchange servers hacked using ProxyShell exploit
Almost 2,000 Microsoft Exchange email servers have been hacked over the past two days and infected with backdoors after owners did not install patches for a collection of vulnerabilities known...

Building a Huntbook to Discover Persistent Threats from Scheduled Windows Tasks
In this blog post, the first in a series introducing the Kestrel Threat Hunting Language, we will show you how to get started with your first hunt. You’ll learn how to set up your...