Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

The TTPs of JavaScript Supply Chain Attacks

Recent research studies demonstrate that software supply chain attacks are on the upswing—by almost 300% in 2021 alone. To avoid attacks related to open-source libraries and JavaScript, businesses need to understand the tactics, techniques, and procedures (TTPs) associated with JavaScript supply chain attacks.

What is a watering hole attack?

The advance of the 21st century brought with it a significant shift in the work scene. Every industry and field relies heavily on computers and the digital world to function seamlessly. However, with it came the ever-mounting fear of cyber attack. Among the many forms of cyber attack is a watering hole attack, also known as a supply chain attack. In a watering hole attack, attackers mainly try to compromise a user by infecting the user’s computer and gaining access to the network.

Detect cryptocurrency mining in your environment with Datadog Cloud SIEM

Cryptocurrency mining (or crypto mining) can be a lucrative yet resource-intensive operation, so cyber threat actors are targeting more organizations in order to take advantage of their cloud resources for mining. Datadog Cloud SIEM can now help you monitor your cloud-based systems for unwanted crypto mining via a built-in detection rule. All you need to get started is to configure your resource logs with Datadog’s @network.client.ip standard attribute.

What is Data Execution Prevention (DEP)?

Handling our system memory safely and protecting it from harmful programs and other programs that are prone to executable code run from a data page on different memory locations and specific data section is a challenging task. The essential Windows programs and services have been a big step forward in easing that task.

Network attacks, the protagonists of the latest Internet Security Report

Today’s threat landscape is evolving rapidly. Attackers are constantly adjusting their tactics and finding new ways to infiltrate organizations with increasingly sophisticated attacks to steal valuable data. As such, businesses and IT professionals must remain up to date on the industry’s latest threat intelligence in order to better understand the current state of this cybersecurity landscape and know their enemies to shore up defenses.

Incredibly simple...yet effective. Zhadnost botnet relies on Open Proxies and DNS Resolvers.

As mentioned in SecurityScorecard’s (SSC) previous Zhadnost blog posts (part one and part two), the DDoS attacks against Ukrainian and Finnish websites do not appear to have a lasting impact, as the sites were back online within hours of the attack.

What Makes Telecommunication Companies Such a Fertile Ground for Attack?

Telecommunication is the first, and most robust network ever invented. This may seem like a brazen and bold statement, but when examined closely, it is not the stuff of fantasy. Prior to the invention and development of the internet, what other way could a person pick up a device, and “dial” a few numbers and end up seamlessly connected to someone across the vast expanse of a countryside?