Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

November 2024

Mapping the DCRat attack to the MITRE ATT&CK framework

The IT industry has seen an unshakable surge in malware attacks. According to SonicWall’s 2022 Cyber Threat Report, almost 2.8 billion malware attacks were detected in 2022. Approximately 30% of these malware attacks were carried out using emails containing malicious links and attachments. On June 10, 2022, one such malware, Dark Crystal, also known as DCRat, jolted Ukraine. It is a remote access Trojan (RAT) that has been receiving regular upgrades and new modules since 2018.

Say goodbye to IP conflicts: How DDI Central prevents and resolves IP address conflicts for smooth network operations

In a well-functioning network, each device communicates seamlessly with others, relying on unique IP addresses to maintain its identity and keep everything in sync. But what happens when this system breaks down, and two devices attempt to use the same address? IP conflicts are more common than you might think, causing unexpected disruptions that slow down or even halt network operations.

Best practices to enhance Active Directory protection

Almost 90% of businesses employ Active Directory (AD) in their IT environments to manage user accounts and control access—yet every day, 95 million AD accounts are targeted by cyberattackers. It’s not surprising that AD is a popular target. Attackers can actively exploit user accounts and use them as an entry point to launch lucrative attacks. Find out how you can employ best practices to keep your AD safe from adversaries.

Active Directory security: Exploiting certificate services

Active Directory (AD) is crucial for an organization’s identity and access management strategy, but its complex architecture is also a prime zone for overlooked vulnerabilities. One such feature that’s often overlooked is Active Directory Certificate Services (ADCS). Active Directory Certificate Services ADCS is a service that provides a robust solution for managing digital certificates in a Windows Server environment. It leverages AD to manage certificates in a domain environment.

Five worthy reads: How non-human identities are shaping the cybersecurity landscape

Five worthy reads is a regular column on five noteworthy items we have discovered while researching trending and timeless topics. This week’s article elucidates what non-human identities are and why they are garnering attention today. Undoubtedly, today’s digital environment is burgeoning with technological advancements across various spheres, and cybersecurity is no exception. We are in an era where automation, cloud computing, and AI play a more critical role than humans.

Detect and secure your network from firmware vulnerabilities using Network Configuration Manager

Adopting proactive security against firmware vulnerabilities is more critical than ever. A vulnerability survey from Ponemon Institute showed that 60% of data breaches result from unpatched vulnerabilities, highlighting how delays in firmware patch deployment can severely weaken an organization’s defenses. Firmware supports key devices like routers, switches, and firewalls, and when compromised, can grant attackers persistent access to critical systems.

Microsoft Word's recent glitch deleted documents when saving them

Have your users spent hours working on a document in Microsoft Word, only to have it disappear when they try to save it? A recent bug in Microsoft Word, highlighted by Bleeping Computer, caused Word documents to be deleted instead of saved, leaving users frustrated. For IT administrators, it is vital to address these issues and educate users within the organization about best practices to reduce data loss and ensure business continuity.