In a security bulletin on February 19, ConnectWise announced critical vulnerabilities (CVE-2024-1708 & CVE-2024-1709) to its on-premises ScreenConnect product (identified and responsibly reported by one of Kroll’s SOC analysts), allowing attackers to takeover an organization’s ScreenConnect. The vulnerability, trivial to exploit, allows anonymous individuals to a create system admin account on publicly exposed instances of the product.

Windows Installers (.msi files) are a known vector of malware distribution. Although not quite common, they have been used by threat actors to distribute malware of all sorts. During July 2024, the Cyberint Research Team noticed somewhat of an uptick in the usage of malicious.msi files. Among the various samples we noticed a specific variant of malicious installer being actively used in the wild, disguised as legitimate applications or update installers and targeting Korean and Chinese speakers.

In the previous blog we covered how to use PGP keys for encrypting and decrypting emails on desktop clients like Thunderbird and Outlook. Now, let's take a look on securing your emails without too much hassle using OpenPGP on webmail services like Gmail using the Mailvelope extension for Google Chrome.

Authentication is the process of verifying the identity of a user or system. It is a critical component of security, ensuring that only authorized individuals or entities can access sensitive information or systems. There are several methods of authentication, including knowledge-based factors (something you know, like a password), possession-based factors (something you have, like a security token), and inherence-based factors (something you are, like a fingerprint).

When it comes to managing your cloud infrastructure, picking the right platform can make a big difference in how smooth, scalable, and cost-effective your operations are. Two of the top contenders in this space are OpenStack and VMware. Both offer powerful tools for handling virtualized environments, but they suit different needs and preferences. Knowing the key differences between them is essential to help you make the best choice for your organization’s goals and technical needs.

Offensive security and active defense may appear at first glance as contradictory cybersecurity solutions, but when paired, they create complementary and robust protective solutions. Let's take a quick look at what each solution offers before we go into the details. Offensive security involves attempting to identify flaws in an organization before a threat actor has a chance to exploit them.

On July 19, 2024, a flawed update in CrowdStrike Falcon's channel file 291 led to a logic error that caused Windows systems to crash, resulting in widespread BSOD (Blue Screen of Death) incidents. The impact was severe, disrupting critical infrastructure globally, from grounded flights to halted public transit systems. In fact, you’d have to have been living under a rock to have missed this incident.

The main differences between Remote Browser Isolation (RBI) and Virtual Private Networks (VPNs) are the type of user activity they secure and the way in which they secure it. While RBI protects users against web based threats by providing privacy and security through isolating browsing activity from the user’s device and network, VPNs encrypt data and mask the user’s IP address for all internet traffic. This article will examine these differences in more detail.

According to Gartner, by 2028, 75% of enterprises will prioritize backup of SaaS applications as a critical requirement, compared with 15% in 2024. Many of the largest organizations in the world rely on Salesforce as their CRM app that powers their business operations, helping them drive revenue faster.

As Large Language Models (LLMs) continue to evolve and become integral to various applications, preserving data privacy remains a crucial concern. Below are fundamental principles and best practices for maintaining data privacy in LLMs.