During the recent Rootedcon conference in Spain, we delivered a talk about ransomware, and this blog post serves as a commentary of the insights presented about Ransomware as a Service (RaaS): how it really works; how the threat actors operate these attacks; and how organizations can analyze the attacks and take preemptive measures in the event of future attacks.

Selling to the Department of Defence or dealing with Export Controlled material? Discover how to manage the information security and compliance of ITAR and other regulated data.

Organizations that develop mobile apps need to be aware of the potential cyber security threats. These threats can lead to the loss of users' private data, which can have serious repercussions for industries like fintech, healthcare, ecommerce, etc. In order to prevent these malicious practices, Dynamic Application Security Testing (DAST), a security testing tool, has been introduced. It helps to weed out specific vulnerabilities in web applications whenever they run in the production phase.

Find out what our audit services team unearthed in the 2,400+ codebases we reviewed in 2021. Spoiler alert: In 2021, audits found open source in 100% of our customer engagements. Regular readers know that Synopsys recently published the seventh edition of the “Open Source Security and Risk Assessment” (OSSRA) report. We think it provides the best information available about usage of open source in the wild, and the frequency of open source risks.

Before we dive into the details of this vulnerability, we want to make it clear that there’s no need for panic. Many systems permit the use of various types of code in configuration files, and there are legitimate use cases to include string and variable interpolation in the configuration of applications and systems. This is not Log4Shell all over again. This is simple configuration manipulation.

Most developers don’t learn about secure coding in the college IT programs. And once they join the workforce, they often don’t have the time to learn about secure coding. The responsibility of training developers in secure coding best practices usually falls on security practitioners. Security practitioners are notoriously overworked, often lacking the bandwidth to train developers. Organizations are thus turning to AppSec learning experiences built specifically for development teams.

Temperatures rose in June, and the threat of serious cyber attacks soared along with them. The start of summer saw revelations of major breaches in confidential medical information, a case study for changing-up hacked passwords, another round of victimization for people whose data has already been sold once before, and one high-profile threat to undermine an entire democracy. Let’s take a closer look at these troubling instances, plus one controversial effort to rein in the crimewave.

In January 2022, Microsoft announced that Excel 4.0 macros would be restricted by default, to protect users from malicious macros. In February 2022, Microsoft announced that VBA macros would also be blocked for files downloaded from the internet. Cybersecurity professionals and enthusiasts rejoiced at the news! Malicious Office documents were running rampant. Attackers abused Microsoft Office macros to deliver BazarLoader and Trickbot, and remote access trojans like AveMaria and AgentTesla.

Today CrowdStrike sent the following Tech Alert to our customers: On July 8, 2022, CrowdStrike Intelligence identified a callback phishing campaign impersonating prominent cybersecurity companies, including CrowdStrike. The phishing email implies the recipient’s company has been breached and insists the victim call the included phone number.

The uptick in recent years in cyber attacks by rival state actors, primarily Russia and China but not only, as well as criminal groups, have pushed the US government to step up its effort to defend against these malicious actors. While much of the focus has been on external actors, there has also been an ongoing effort to secure government organizations from internal threat actors. Insiders present a serious risk because they have authorized access to be inside the organization.