Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

On Wednesday, March 29, 2023, details of unexpected malicious activity observed from the legitimate and cryptographically signed 3CX SoftPhone Desktop App application were shared in a blog post by security researchers at Crowdstrike.

The “Great Resignation” is still well underway, further impacting a cybersecurity industry with a historically low retention rate. According to a report published by Enterprise Strategy Group in partnership with Information Systems Security Association International, 76% of organizations say it is difficult to recruit and hire security professionals.

On Saturday, March 18, 2023, Horizon3 researchers released a proof-of-concept (PoC) exploit for CVE-2023-27532, a high-severity missing authentication vulnerability impacting Veeam Backup and Replication (VBR) software. Based on Horizon3’s technical analysis published on March 23rd, the PoC exploit allows a remote unauthenticated threat actor with access to the VBR service to obtain plaintext usernames and passwords.

When seeking to understand the cyber threat landscape and respond to various incidents, one of the most important factors to consider is how threat actors are gaining access to networks.

Whether it’s ransomware, business email compromise (BEC), or phishing attempts, the number of cyber attacks keeps rising year after year. While there’s solid data on the volume, there’s a caveat, which is that organizations don’t want to disclose that they’ve suffered a data breach. According to Arctic Wolf’s “The State of Cybersecurity: 2023 Trends” report, 50% of organizations experienced a breach in the past year — the same odds as flipping a coin.

Silicon Valley Bank (SVB) experienced a rapid implosion last week after a historic bank run. While many are discussing the immediate financial impacts to the bank accounts — which were largely held by venture capitalists, investors, and technology business owners — and the larger impact on banking in general, it’s important to note that there will be a secondary impact. Hackers and scammers are going to take advantage of the confusion to launch a barrage of social engineering attacks.

When cybersecurity experts speak about a cyber attack, they often refer to actions taken “left of boom” and “right of boom.” In this analogy, the boom is the breach, and the actions organizations take in the aftermath, such as utilizing their incident response plan or working with their cyber insurance company on a claim, are what happens “right of boom.” But it’s the things that happen “left of boom” that can make the difference between proactive and

On Friday, March 10, 2023, California state regulators took possession of Silicon Valley Bank (SVB) and appointed The Federal Deposit Insurance Corporation (FDIC) as receivers. SVB was a 40-year-old commercial bank that was an important lender for the tech and venture capital sector. It’s estimated that half of US venture-backed start-ups were customers of the bank.

On Tuesday, March 7, 2023, Fortinet published a security advisory detailing an unauthenticated remote code execution vulnerability affecting FortiOS and FortiProxy (CVE-2023-25610). The vulnerability was internally discovered by Fortinet, and exploitation has not been observed in the wild at this time. A proof of concept (PoC) exploit has not been published publicly for this vulnerability at this time.

As cybercrime continues to grow and organizations digitize, understanding cybersecurity and how to improve one’s security posture becomes paramount. Unfortunately, the firewall has dissolved and tools alone, though helpful, can’t protect environments when public sector organizations are understaffed, underfunded, and struggling to maintain compliance.