Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Microsoft has been experienced a sustained attack by Russian-backed nation-state attacker Midnight Blizzard (also known as NOBELIUM). This blog examines all we know so far.

The rise of ChatGPT and Generative AI has swept the world by storm. It has left no stone unturned and has strong implications for cybersecurity and SecOps. The big reason for this is that cybercriminals now use GenAI to increase the potency and frequency of their attacks on organizations. To cope with this, security teams naturally need to adapt and are looking for ways to leverage AI to counter these attacks in a similar fashion.

Australia has seen several high profile cyber incidents in 2023 and has seen significant loss of customer data (Canva’s 139 million customers, Latitude’s 7.9 million customers HWL Ebsworth’s 65 government agencies, 2.5 million documents). According to the OAIC Notifiable Data Breaches Report: January to June 2023, the top 3 sectors in that period to report data breaches are Health Service Providers (65 notifications), Finance incl.

Kerberoasting is a form of cyber attack that targets service accounts using the Kerberos authentication protocol. Attackers exploit the authentication protocol to extract password hashes and crack the plaintext passwords attached to the account. These attacks are prevalent because they can be difficult to notice and mitigate.

As anyone who has filled out an expense report can tell you, cost management is everyone's responsibility. Organizations must apply a careful balance of budget planning and expenditures that are in sync with the company's changing cash flows.

Over the past month, we’ve rolled out several new capabilities.

The security analyst firm Frost & Sullivan positioned Trustwave as a leader and top innovator in its research on the MDR market landscape, noting its innovative, industry-leading cloud-native Fusion platform provides visibility into cloud, network, endpoint, OT, and email environments, while its Managed Detection and Response solution will spur faster than average industry revenue growth.

Assigning users to the right devices, applications, networks, VPNs, and files is a critical part of every company’s IT workflow. Get it wrong, and you’ve instantly tarnished a new hire’s experience — or worse, opened the door to security and compliance violations. With so much riding on this one component of IT or MSP work, organizations of any size need to be judicious about the identity and access management (IAM) tools they select.

In this installment of Hunting with Splunk we’re showing you how to detect suspicious and potentially malicious network traffic to “new” domains. First, let’s delve into what we mean by “new” domains and why you should make a habit of detecting this activity in the first place. (Part of our Threat Hunting with Splunk series, this article was originally written by Andrew Dauria. We've updated it recently to maximize your value.)

Cybercriminals are always on the lookout for vulnerabilities to exploit and steal sensitive information. One such threat is credential stuffing, a type of cyberattack that can cause significant damage to both individuals and businesses. Credential stuffing is a cyberattack that involves the use of stolen account credentials to gain unauthorized access to user accounts on other systems.