Cyberattacks

Kerberos Authentication: Basics to Kerberos attacks

Jun 14, 2022 By Editor In Cyphere

Developed by MIT, Kerberos Authentication Protocol is the default authentication service for Microsoft Active Directory. It is named after the three-headed dog (Cerberus) found in Greek mythology, because the security protocol involves three major steps in the entire authentication process. Although Kerberos is a technology used by Microsoft Windows, by default, its implementations in other operating systems, such as Linux, FreeBSD and macOS, are also present.

Read Post

Cyphere

Read more about Kerberos Authentication: Basics to Kerberos attacks

Conti ransomware incapacitates Costa Rica's government: The FBI, CISA, the NSA, and Secret Service recommend mitigation strategies

Jun 8, 2022 By General In ManageEngine

Weeks after President Rodrigo Chaves Robles became Costa Rica’s 49th president, he had to tackle the country’s largest cyberattack ever. Costa Rica declared a state of emergency following a series of detrimental ransomware attacks carried out by the Conti ransomware gang.

Read Post

ManageEngine

Read more about Conti ransomware incapacitates Costa Rica's government: The FBI, CISA, the NSA, and Secret Service recommend mitigation strategies

Bot attacks go undiscovered for average of 16 weeks

Jun 8, 2022 By Netacea In Netacea

New Netacea research shows businesses are leaving attacks unchallenged for almost four months.

Read Post

Netacea

Read more about Bot attacks go undiscovered for average of 16 weeks

CrowdStrike Falcon Stops Modern Identity-Based Attacks in Chrome

Jun 8, 2022 By Eamonn Ryan - Matthew Puckett - Liviu Arsene In CrowdStrike

Recent research from CyberArk Labs presents a new technique for extracting sensitive data from the Chromium browser’s memory. However, existing access to the targeted system is required before leveraging the technique to extract the sensitive data. The technique could enable identity-based attacks involving authentication bypass using Oauth cookies that have already passed an MFA challenge.

Read Post

CrowdStrike

Read more about CrowdStrike Falcon Stops Modern Identity-Based Attacks in Chrome

How Lookout Prevents Ransomware Attacks | Lookout

Jun 8, 2022 By Lookout In Lookout

As ransomware attacks continue to grow, keeping sensitive data secure is crucial. Lookout prevents the initial compromise of a ransomware attack by securing data wherever and however it needs to. How Lookout Reduces Risk of a Ransomware Attack: Ensures only endpoints free from malware access data Prevents attackers from exploiting vulnerabilities in internet facing apps and servers Enables you to identity unauthorized access when.

View Video

Lookout

Read more about How Lookout Prevents Ransomware Attacks | Lookout

Top Cyber Attacks of May 2022

Jun 7, 2022 By Arctic Wolf In Arctic Wolf

Summer is here and phishing season is in full swing. May saw a troubling range of phishing attacks carried out against a wide array of targets, from retirement planners to school systems to national defense. Bundle all of those efforts together with a disturbing ransomware attack on the air travel industry and you have all the evidence you need of the dangers of inadequate cybersecurity at every level.

Read Post

Arctic Wolf

Read more about Top Cyber Attacks of May 2022

Defense in Depth - Definition & Relation to Layered Security Approach

Jun 6, 2022 By Harman Singh In Cyphere

As the use of technology increases in every aspect of our daily lives, the rate of cyber attacks also grows exponentially. In today’s world, organisations need to be highly equipped in their defences against cyberattacks so that they may better protect their assets, and it is here that the defence in depth approach is adopted.

Read Post

Cyphere

Read more about Defense in Depth - Definition & Relation to Layered Security Approach

CrowdStrike Uncovers New MacOS Browser Hijacking Campaign

Jun 2, 2022 By EPP Content Research Team In CrowdStrike

The CrowdStrike Content Research team recently analyzed a MacOS targeted browser hijacking campaign that modifies the user’s browsing experience to deliver ads. Research began with a variant that uses a combination of known techniques to deliver, persist and sideload a Chrome extension. Analysis of the fake Chrome installer uncovered the use of more than 40 unique dropper files to install the extension.

Read Post

CrowdStrike

Read more about CrowdStrike Uncovers New MacOS Browser Hijacking Campaign

Brute-Force Attacks: How to Defend Against Them

Jun 2, 2022 By Arctic Wolf In Arctic Wolf

When you hear the words “brute force," subtlety is probably not the first thing that comes to mind. Indeed, classic brute-force cyber attacks use the most straightforward tactics—trial and error—to gain entry into a protected system. When brute force works, the attack's type, depth, and severity depend on the attacker's goals.

Read Post

Arctic Wolf

Read more about Brute-Force Attacks: How to Defend Against Them

Naming Adversaries and Why It Matters to Your Security Team

May 31, 2022 By Bart Lenaerts-Bergmans In CrowdStrike

What is it with these funny adversary names such as FANCY BEAR, WIZARD SPIDER and DEADEYE JACKAL? You read about them in the media and see them on CrowdStrike T-shirts and referenced by MITRE in the ATT&CK framework. Why are they so important to cyber defenders? How is an adversary born? You may think you have a problem with ransomware, bots or distributed denial of service (DDoS) attacks but you would be wrong. Because humans are behind every cyberattack, what you really have is an adversary problem.

Read Post