Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Spear Phishing: Everything You Need to Know

By now, pretty much anyone who uses email is familiar with the term “phishing,” and is aware of the prevalence of phishing scams. However, the term “spear phishing”—and what it means exactly—might be a bit more elusive. Essentially, spear phishing is a more targeted and socially engineered version of a spray-and-pray, bait-and-hook, phishing email.

6 Best Practices to Contain Cyber Insurance Price Increases

Cyber insurance premiums are growing exponentially. It’s a dilemma that puts new financial pressures on organizations that are eager to protect their digital assets, but wary of increased spending. Part I of this cyber insurance blog series explored six reasons why cyber insurance costs are increasing so rapidly.

Detect malicious activity in Okta logs with Falco and Sysdig okta-analyzer

On March 22, the hacking group Lapsus$ published a Twitter post with a number of screenshots taken from a computer showing “superuser/admin” access to various systems at authentication firm Okta that took place in January this year. Okta is the #1 platform in the Identity-as-a-Service (IDaaS) category, which means that it manages access to internal and external systems with one login.

Chatbots for security and IT teams (Part 5): Microsoft Teams

This blog is a continuation of our series on working with chatbots leveraging Microsoft Teams. In Part 1 of this series, we examined how to set up a chatbot within Microsoft Teams. In Part 2, we explored how to send rich notifications using Cards and use the Microsoft Graph API and the chatbot to proactively find and contact users within Microsoft Teams.

The one-stop solution for keeping your IT environment secure

Cyberthreats continue to evolve, causing trillions of dollars in losses. There will be a 76% increase in cybersecurity breaches by 2024, according to StealthLabs. A report by IBM states that it took an average of 287 days to identify and contain a data breach in 2021. According to Verizon’s 2020 Data Breach Investigations Report, 86% of cybersecurity breaches were financially motivated, and 10% were motivated by espionage.

ManageEngine AD360 and Log360 bag the 2022 Cybersecurity Excellence Awards

ManageEngine kicks off the year on a high note as it bags the 2022 Cybersecurity Excellence Awards under various categories. To name a few, ManageEngine has been declared a winner for AD360’s IAM and identity governance (IGA) offerings, Log360’s SIEM and SOAR solutions, and data-centric security.

VPNs are increasingly common - how much can you see?

VPN tunnels are like shipping containers in that they are widely used (especially as the pandemic has moved more of the workforce to remote work), and they can be used to carry traffic for legitimate as well as malicious purposes. Establishing a tunnel between corporate offices, remote workers, or partners to transfer data is a legitimate and common use for VPNs.

A lasting trend: As a Service

With budgets tightening across the board and competition for a limited pool of IT and security talent growing fiercer, cyber as a service providers have become an optimal solution for many companies. Knowing they can count on their partners to focus on specific vectors, internal security teams can concentrate on their core missions. This could be high priority or critical items within security or something totally outside of security.

Vidar Malware Launcher Concealed in Help File

Appending a malicious file to an unsuspecting file format is one of the tricks our adversaries use to evade detection. Recently, we came across an interesting email campaign employing this technique to deliver the info stealer Vidar malware. First, let’s examine the email delivery mechanism, then go on to take a closer look at the Vidar malware itself. [Figure 1: The malicious spam message] The messages in this campaign have two things in common.