Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

How to Secure Amazon EC2 with Sysdig

Elastic Compute Cloud (EC2) is arguably one of the most popular AWS services, and really needs no introduction but here is one anyway. With Sysdig, you can secure EC2 by managing configuration and permissions risk, meeting compliance requirements, and managing vulnerabilities on containers and host VMs. When it comes to EC2 and Hosts themselves, Sysdig Secure alerts us in multiple ways.

Avoid Taking Shortcuts - New Emotet Technique

Emotet, one of the first Malware-as-a-Service (MaaS), an ever-evolving botnet and banking trojan active since 2014, recently added new techniques to its arsenal. Initially intended to extract sensitive banking information from a victim’s computer and operate using other malware trojans, this notorious malware continues evolving by implementing new techniques in the malware delivery stage. This document is an update to the technical report on Emotet from December 2021.

Tiny Banker Trojan

While living in the 21st century, no one can live off offline modes of payment all the time. Financial institutions, especially banks, have gone the extra mile to ease the process for their clients in the meantime, attracting cybercriminals and their ever-changing malware as threats to their information security. Tinba is one such threat especially plaguing Windows. Read on to know more about the tiny virus and its not so tiny implications.

Enriching NDR logs with context

In this post, we show how enriching Zeek® logs with cloud and container context makes it much faster to tie interesting activity to the container or cloud asset involved.In cloud or container environments, layer 3 networking is abstracted away from the higher-level tasks of running workloads or presenting data. Because of this abstraction, when Zeek logs are collected for cloud or container network environments, the attribution of a network flow to actual workload or application is difficult.

ModPipe POS Malware: New Hooking Targets Extract Card Data

Kroll’s incident responders have seen threat actor groups becoming increasingly sophisticated and elusive in the tactics, techniques and procedures they employ to steal payment card data. One common method is to “scrape” the Track 1 or Track 2 data stored on the card’s magnetic stripe, which provides the cardholder account and personal information criminals need to make fraudulent “card-not-present” (CNP) transactions.

Organize and Access Construction Photos Faster with Smart Upload

Your project teams take hundreds, if not thousands of photos every year. And while it’s easy to take the actual photos, it can be a huge pain to download and organize all those images. Think about how most companies operate today. A team member takes a bunch of pictures, goes back to the office or the trailer, downloads the pictures from the camera or mobile device, uploads them to the system, and then organizes and posts them.

Helping users become your strongest link

In his book Secrets and Lies: Digital Security in a Networked World, cybersecurity expert Bruce Schneier wrote, “People often represent the weakest link in the security chain and are chronically responsible for the failure of security systems.” That remains as true today as when the book was first published 22 years ago. It’s easy to understand why users often represent the weakest cybersecurity link within an organization.

CISO's Corner: Cyber Defense Lessons for OT and Supply Chain Infrastructure

2022 has been busy in the cyber world. While there were signals in 2021 with the increased in activity in threat actors targeting OT environments with ransomware, the conflict in Ukraine prompted many businesses to press harder in asking more questions about their own resilience with operational technologies (OT) and supply chain infrastructure.

Three reasons why Security Operations Centers (SOCs) are adopted

Company IT and security teams are facing cybersecurity challenges that increasingly test their defensive capabilities. Organizations have to protect themselves from a growing number of incidents (one attack every 39 seconds, according to the University of Maryland) and sophisticated threats, many of which have serious consequences.