
Detecting Domain Generating Algorithms
How can we prevent malware from communicating with a C&C server? You may think of using a CTI (Cyber Threat Intelligence) feed with a network blacklisting appliance. You may also think about blocking certain protocols or even using a Next-Generation Firewall to...

Attack on HVAC vendor gave threat actor access to Boston Children’s Hospital
If you think about “supply chain attack” and “HVAC,” you will probably immediately think of the headline-making Target breach of 2013. But that wasn’t the only breach via a third-party HVAC vendor. Just this month, several hospitals in Boston may have narrowly...

Is Your Current Cybersecurity Strategy Right for a New Hybrid Workforce?
The global pandemic forced many employees to work from home, and remote working is likely to become a firmly established part of the working routine for employers and employees when it ends. A...

Almost 2,000 Exchange servers hacked using ProxyShell exploit
Almost 2,000 Microsoft Exchange email servers have been hacked over the past two days and infected with backdoors after owners did not install patches for a collection of vulnerabilities known...

Building a Huntbook to Discover Persistent Threats from Scheduled Windows Tasks
In this blog post, the first in a series introducing the Kestrel Threat Hunting Language, we will show you how to get started with your first hunt. You’ll learn how to set up your...

The discovery stage of your cloud migration project
Migration or digital transformation to the Cloud is at the forefront of every organisation’s plans. It’s no longer a case of if that transformation is happening, it’s how. Some organisations are not sure where to start...

How to demonstrate ROI from your cyber security strategy
The best outcome from a well-executed cyber security strategy should be that a business experiences no change or disruption to their operations or systems in the case of an external threat. However, while this is...

Memory Corruption Issues Lead 2021 CWE Top 25
The MITRE Common Weakness Enumeration (CWE) team’s latest list of most dangerous software flaws includes several that shot up in significance since 2020. Memory corruption errors remain one of the most common and dangerous...

Defence in Depth – Time to start thinking outside the box
Spam Prevention, Anti-Virus, Intrusion Prevention – these are just a few solutions you may already be using as part of your cyber security strategy. Whilst these are all effective in their own right, have you...