Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Cyberattacks

Stories from the SOC - Office 365 account compromise and credential abuse

Credential abuse and compromised user accounts are serious concerns for any organization. Credential abuse is often used to access other critical assets within an organization, subsidiaries, or another partner corporation. Once an account is compromised, it can be used for data exfiltration, or to further promote the agenda of a threat actor.

On the Importance of Protecting U.S. Pipeline Owners and Operators

In the beginning of May, a U.S. pipeline company suffered a ransomware attack. The company decided to respond by halting operations while it investigated the incident. This delayed tens of millions of gallons of fuel from reaching their destination all along the East Coast. Less than a week later, Bloomberg reported that the company had paid millions of dollars to a ransomware group in order to regain access to their systems. U.S.

Survey: Nearly Half of Manufacturers Suffered a Digital Attack in the Last Year

Confidence isn’t new when it comes to cybersecurity. All the way back in 2015, for example, 86% of security professionals working in the energy sector told Tripwire that they were confident they could detect a breach in a week. Just less than half (49%) said it wouldn’t take them longer than a day to spot an attack. It was the same story a year later when Tripwire surveyed infosec professionals in the retail sector.

SecurityScorecard Finds USAID Hack Much Larger Than Initially Thought

SecurityScorecard’s Investigations & Analysis team conducted an investigation into the details surrounding the USAID.gov attack. As has been previously reported, the attack has been potentially attributed to the organization commonly known as Cozy Bear, but our investigation found that the campaign is likely much larger, and began much earlier than has been reported.

What is an Advanced Persistent Threat in Cybersecurity?

Corporate cybersecurity professionals must be on constant alert to avoid the wide range of cyberattacks that can be thrown at them today: malware, ransomware, trojan horses, social engineering, and spear-phishing attacks, to name just a few. Among the most serious of attacks is the advanced persistent threat (APT). An APT is an attack that uses sophisticated methods to gain access to information systems and sensitive information.

Why Is Cybersecurity Important?

It’s the stuff of IT managers’ nightmares and it is coming to a server near you: ransomware attacks, phishing schemes, privacy breaches, and other yet-to-be imagined cyber threats aiming to pilfer the sensitive data stored on your IT systems. Cybercriminals target large companies like Microsoft, Equifax, Expedia, and Barnes & Noble just to mention a few big victims from 2020.

Cloud Threats Memo: Takeaways From the Q1 2021 Phishing Activity Trend Report

The Anti-Phishing Working Group (APWG) has just released its Phishing Activity Trend Report for Q1 2021. The first findings are easily predictable; the dispersion of the workforce is pushing phishing attacks to new records: just in January 2021, the APWG detected 245,771 unique phishing sites, the highest number reported so far.

What you need to know about Process Ghosting, a new executable image tampering attack

Security teams defending Windows environments often rely on anti-malware products as a first line of defense against malicious executables. Microsoft provides security vendors with the ability to register callbacks that will be invoked upon the creation of processes on the system. Driver developers can call APIs such as PsSetCreateProcessNotifyRoutineEx to receive such events.

Cyber Kill Chain: What It Is, How It Works

What is the cyber kill chain? What is an example of the Cyber Kill Chain? What are the 7 steps of the cyber kill chain? Is the Cyber Kill Chain outdated? Cyber Kill Chain vs Mitre Att&ck Cyphere is a UK-based cyber security services provider helping organisations to secure their most prized assets. We provide technical risk assessment (pen testing/ethical hacking) and managed security services. This advice is a true third party opinion, free from any vendor inclinations or reselling objectives.