Analysis of the second half of 2023 shows attackers are getting more aggressive with email-based phishing attacks in both frequency and execution. Until there’s a catch-all way to stop malicious emails from being an effective means of initial attack, phishing will continue to grow as the primary initial attack vector for cybercriminals.

As social media phishing reaches new heights, new data reviewing 2023 shows a massive effort by cybercriminals to leverage impersonation of social media brands. Cybercriminals are no longer just targeting your corporate network. Due to the rise of the cybercrime economy, there are a growing number of cybercriminal gangs strictly going after initial access (that can be sold to other cybercriminals).

Organizations worldwide use Active Directory (AD) as their primary identity service, which makes it a top target for ransomware attacks. This article explains how adversaries exploit Active Directory during ransomware attacks and provides strategies and tools for defending against this modern menace.

Active Directory domain consolidation is the process of restructuring an organization’s Active Directory setup to reduce the number of domains. Consolidation is often performed as part of a company reorganization, merger or acquisition, but it is also used to simplify an AD infrastructure that has become unwieldy over time.

If you’re an administrator running Ivanti VPN (Connect Secure and Policy Secure) appliances in your network, then the past two months have likely made you wish you weren’t. In a relatively short timeframe bad news kept piling up for Ivanti Connect Secure VPN customers, starting on Jan. 10th, 2024, when critical and high severity vulnerabilities, CVE-2024-21887 and CVE-2023-46805 respectively, were disclosed by Ivanti impacting all supported versions of the product.

Fraud is a problem that impacts all of us in different ways; there’s probably no one who hasn’t been directly or indirectly impacted by some kind of fraudulent activity. Have you or someone you know had their identity stolen? Has someone hacked your email or social media account? Have you had money taken from your account (think bank or credit cards here) one way or another? These are all examples of fraud and how it can affect us.

Password spraying and credential stuffing have a lot in common, but the main difference is in the way the attack is executed. With credential stuffing, the cybercriminal already has a set of verified login credentials, whereas, with password spraying, the cybercriminal has to guess the login credentials by matching a list of usernames with a commonly used password.

On February 29th, the Cybersecurity and Infrastructure Security Agency (CISA) issued two separate advisories related to malicious behavior exhibited by threat actors. The first advisory AA24-060A pertains to Phobos Ransomware and the second advisory AA24-060B pertains to the exploitation of vulnerabilities in Ivanti Connect Secure and Policy Secure Gateways.

As of August 2023, only 3 out of 23 US government agencies were compliant with Office of Management and Budget (OMB) requirements for log management and security observability. These requirements are outlined in M-21-31, a 2021 memorandum that was issued following Executive Order 14028 on improving national cybersecurity. Until all of these agencies implement the new requirements, the federal government’s ability to fully detect, investigate, and remediate cybersecurity threats will be constrained.