Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

Strengthening Email Security: DOJ Disrupts Russian Spear-Phishing Campaign

The need for an iron-clad email security solution is once again making headlines. On October 3, the US Department of Justice (DoJ) reported that, working with Trustwave partner Microsoft, it had disrupted a Russian government-based scheme to steal Americans’ sensitive information, using seemingly legitimate email accounts to trick victims into revealing account credentials.

Edge Device Botnet Compromise

A recent joint threat advisory from the FBI, CNMF, and NSA (18 September 2024) highlights the extent of Chinese-affiliated threat actors’ ongoing botnet campaigns, which seek to compromise thousands of internet-connected edge devices over a sustained period. This campaign, known as Oriole, is just one of several such active campaigns observed since 2020. JUMPSEC observations indicate that law enforcement has not yet disrupted the botnet, and indicators of compromise (IOCs) are likely ongoing.

Remote Access Security: 5 Best Practices for Remote Workers

Remote and hybrid workplaces are here to stay. In August 2023, 20% of U.S. employees worked from home at least once. By 2025, more than 36 million U.S. employees will work remotely, up from 19 million in 2019. That’s good news for employers who want the widest talent pool and employees who want to do their best work from anywhere. However, it’s also potentially good news for cyber criminals, who can exploit remote access policies to compromise cloud data.

Managed security service providers should stay skeptical

It wasn’t too many years ago that only large-scale organizations and enterprises were compelled to worry about cybersecurity. They were the primary targets for malicious actors, and so they seemed to be the only ones thinking about defense. But just like most things, that has completely changed. Small and medium-sized businesses are just as vulnerable to cyberattacks. Without the size and resources to bring security in-house, most turn to managed security service providers (MSSPs) for help.

The Rise and Fall of Raccoon Infostealer: Inside a Global Cybercrime Operation

In the ever-evolving landscape of cybercrime, malware-as-a-service (MaaS) has emerged as a lucrative business for cybercriminals. One of the most notorious examples is Raccoon Infostealer, malware designed to harvest personal and financial information from unsuspecting victims worldwide. The mastermind behind this operation, a Ukrainian national named Mark Sokolovsky, recently pleaded guilty in a U.S. federal court to his role in the cybercrime network.

How to Create New Active Directory Users with PowerShell

Tools like ADUC and ADAC enable sysadmins to create a new user in Active Directory quite easily, but they have certain limitations when it comes to bulk user creation. PowerShell is a powerful and flexible tool for creating Active Directory accounts, and much more, at scale. This blog reviews the process to create a new Active Directory user with the PowerShell cmdlet New-ADUser. We’ll cover the top use cases for this cmdlet and provide its full syntax so you can explore it further.

Choosing the Right Deployment Option for Your API Security Solution

You need an API security solution. That much is a given (although some may argue it isn’t!). While essential for business growth and innovation, APIs, or Application Programming Interfaces, expose the organizations that use them to cyber threats. Attackers are both aware of and actively exploiting this fact: Wallarm recently revealed that attacks on APIs impacted 98.35 million users in Q2 2024.

Disable Data Execution Prevention

Data Execution Prevention (DEP) is a Windows security feature that protects systems by preventing code from executing in memory areas designated for data storage. By ensuring only authorized programs can run in specific memory regions, DEP helps block malicious software, such as viruses, from executing harmful code. It operates at both hardware and software levels, monitoring memory usage to prevent exploits like buffer overflow attacks.

How to Rename Files in PowerShell with Rename-Item

The Rename-Item cmdlet in PowerShell can be used to change the name of an item. This item can be a file, directory, or any object in a path. The cmdlet can also be used to rename items both locally and in a network environment. Users can also perform batch renaming operations, integrate renaming tasks into scripts for automation, and even manage complex renaming requirements with the help of wildcard characters and regular expressions.