Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Cyberattacks

3 reasons SMBs are more vulnerable to cyberattacks than large enterprises

Details about cyberattacks on small-and-medium-sized businesses (SMBs) may not make it to the headlines, but numerous industry reports and surveys have highlighted the grim reality of the SMB cybersecurity landscape. Even before the COVID-19 pandemic, SMBs were largely targeted by adversaries1.

Ransomware attacks 2.0: How to protect your data with SOAR

The COVID-19 crisis prompted a spike in ransomware attacks, which was expected, to say at least. In fact, Checkpoint research shows that in Q3 2020, there was a 50% increase in ransomware attacks compared to earlier periods of this year. And while this wave of ransomware attacks was anticipated, not all organizations were reinforced enough to repel these attacks with proper resources and technologies.

Masslogger Stealer

Cyberint Research observed several unsolicited malicious email (malspam) campaigns in August 2021 through which Masslogger was delivered. First noticed around April 2020, Masslogger is a popular.NET credential stealer used to gather credentials from victims for various applications, and is readily available to purchase on cybercriminal forums for around $100 (US).

Catching SSH and RDP attacks without decryption

With the rise in distributed workforces both SSH and RDP connections have proliferated as remote employees connect to sensitive internal environments and machines to do their job. Unfortunately, these remote-friendly protocols are also prime attack targets and once compromised give adversaries a clear path to move laterally, deploy ransomware, and more.

THREAT ALERT: Crypto miner attack - Sysrv-Hello Botnet targeting WordPress pods

The Sysdig Security Research team has identified a Cryptominer attack hitting a Kubernetes pod running WordPress, related to the recent Botnet Sysrv-Hello. The goals of the attack were to control the pod, mine cryptocurrency, and replicate itself from the compromised system. In particular, the attackers targeted a misconfigured WordPress to perform initial access.

What did we learn from the 2021 ICO Report?

The 2021 ICO Annual Report highlights areas of concern for UK organisations, including the rise of ransomware, the constant threat of email phishing, and the lack of public faith in companies’ handling of data. Let’s dive into some of the more interesting findings from the regulatory body’s latest report.

Stories from the SOC -SolarWinds Sunburst attack with malicious file

In late 2020, SolarWinds was the victim of a cyberattack that spread to their clients and went undetected for months. The foreign entities were able to add malicious code into the Orion system and gain access to companies of all sizes and across industries. The malicious code was distributed to all of the systems via a routine software update. Attacks like this are becoming increasingly frequent, amplifying the importance of security solutions that can quickly detect a potential breach.

7 Strategies to Keep Business Data Secure

Cyberattacks are on the rise. The growing number of internet-connected devices and the value of business data means cybercriminals have more to gain than ever from breaking into a company’s network. It’s not uncommon for hackers to target operations of all sizes — meaning that any company holding onto important information needs defenses that will keep that data secure. These seven strategies are some of the most important cybersecurity tactics for a business to use.

Wanted: Reward of up to $10 million for critical infrastructure hackers

The U.S. government aims to tackle cybercrime, in particular attacks targeting critical infrastructure. For this purpose, the U.S. State Department has announced a reward of up to $10 million to anyone who offers valid information about any potential cyberattacks on critical infrastructure supported by foreign states.

Anatomy of a Supply Chain Attack: How to Accelerate Incident Response and Threat Hunting

In recent months, we’ve seen a sharp rise in software supply chain attacks that infect legitimate applications to distribute malware to users. SolarWinds, Codecov and Kesaya have all been victims of such attacks that went on to impact thousands of downstream businesses around the globe. Within minutes of these high-profile attacks making headline news, CEOs often ask: “Should we be concerned? How is it impacting us? What can we do to mitigate risk?” .