On January 7th, MITRE released ATT&CK for Industrial Control Systems, a taxonomy of real-world cyber adversarial behavior targeting ICS or industrial control systems. These systems operate critical infrastructure in manufacturing and utility industries, and they are popular targets in financial and espionage motivated attacks.

Following the recent U.S. operation in Iraq which resulted in the killing of Iranian General Qassem Soleimani, Iran warned that it will retaliate. Although the international community and both involved countries have taken steps to deescalate the crisis, it is always prudent to stay alert and continually update your cybersecurity programs regardless of whether the opponent is a state actor or just a common cybercriminal.

Happy New Year! What a year 2019 was in cybersecurity. It was a great year for informative and interesting blogs. Here were the top performing AT&T Cybersecurity blogs written in 2019.

Tools and features introduced with the intention of benefiting and empowering an organization can sometimes end up being misused. PowerShell is a classic example.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. Well, the New Year didn’t get off to a good start for some. The most visible of them being Travelex as a result of an unpatched VPN solution. From there things have rapidly fallen apart, and it ain’t over yet…

Not only have Global banks stopped customers transacting or ordering currency from Travelex, many have stopped transactions with third party currency providers altogether. Lloyd’s, Royal Bank of Scotland, Tesco and Sainsbury’s all receive their currency from Travelex. It has been reported by Travelex that no customer data has been compromised although no report has been publicly provided to explain how this has been determined.

Application performance management (APM) software, sometimes known as application performance monitoring software, is a software as a service (SaaS) type that provides you with a variety of ways to analyze and ensure availability within your application. They can give you metrics in areas such as render times, database load, and failed requests. Modern APM tools are mostly drop-in, all-in-one style solutions. Add a dependency and know everything about why your app is slowing down or crashing.

With the advancements in technology, our businesses heavily rely on the computers, internet and transfer of massive amounts of data. We communicate via internet, store data on cloud systems, or even conduct our business off-site with the help of internet technologies. As an unavoidable result, the sensitive information regarding our customers and organizations are exposed to cyber threats including hackers, data breaches and more.

This blog post provides an overview of the AT&T Alien Labs™ technical analysis of the common malicious implants used by threat actors targeting vulnerable Exim, Confluence, and WebLogic servers. Upon exploitation, malicious implants are deployed on the compromised machine. While most of the attacks described below are historical, we at Alien Labs are continuing to see new attacks, which can be further researched on the Alien Labs Open Threat Exchange™ (OTX).

The Brazilian General Data Protection Law (Lei Geral de Proteção de Dados Pessoais or LGPD) is a new law that was passed by the National Congress of Brazil on August 14, 2018 and comes into effect on August 15, 2020. The LGPD creates a legal framework for the use of personal data of individuals in Brazil, regardless of where the data processor is located.