Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

Auditing DNS Server Changes on Windows 2012 R2 and later with EventSentry

Auditing changes on Microsoft Windows DNS server is a common requirement and question, but it’s not immediately obvious which versions of Windows support DNS Auditing, how it’s enabled, and where the audit data (and what data) is available. Fortunately Microsoft has greatly simplified DNS Server auditing with the release of Windows Server 2012 R2.

Companies Doubt Ability to Detect & Respond to Ransomware Attacks

PALM BEACH GARDENS, Fla.--(BUSINESS WIRE)--Companies aren’t very confident in their ability to detect, respond to and remediate ransomware attacks, according to the 2017 Ransomware Report, sponsored by user behavior analytics and activity monitoring company Veriato and 13 other companies and conducted by Crowd Research Partners.

Become an Email Security MSP or VAR - IT Channel Transition

In late 2016 the Spambrella partner program evolved to better fit the demand of managed security service providers (MSSP’s) and value add resellers (VAR’s) in transition. This is largely due to the broad and varied territories our partners are located. Spambrella now have partner program options available for all eventualities in all continents.

With Forseti, Spotify and Google release GCP security tools to open source community

Being able to secure your cloud resources at scale is important for all Google Cloud Platform users. To help ensure the security of GCP resources, you need to have the right tools and processes in place. Spotify and Google Cloud worked together to develop innovative security tools that help organizations protect GCP projects, and have made them available in an open source community called Forseti Security. Forseti is now open to all GCP users!

Petya ransomware outbreak: Here's what you need to know...

A new strain of the Petya ransomware started propagating on June 27, 2017, infecting many organizations. Similar to WannaCry, Petya Ransomware uses the Eternal Blue exploit to propagate itself. Petya is taking down corporate networks that run mainly on Microsoft Windows software. It has already hit most Government applications in Ukraine as well as major companies in Europe including advertising agency WPP and law firm DLA Piper.

WannaCry FAQ: What you need to know today!

Friday May 12th will be the day we remember the start of the mayhem caused by ‘WannaCry’, the most successful ransomware infection in history. Since Friday, Security teams have been running around with their heads on fire trying to get ahead of the infection and to understand the malware’s capabilities. In the process, a lot new sales lead ransomware experts seem to have risen from the depths and have confused the situation further.

WannaCry Ransomware Infects Thousands Especially UK's NHS

The recent WannaCry ransomware attack, that has hit over 100 countries, would have been much larger had it not been for the early actions of both a UK cybersecurity researcher who blogs for Malwaretech and two Proofpoint researchers. In this attack, a powerful Microsoft exploit turned into a very nasty worm. As part of their initial effort, the researchers found and sinkholed a domain name hardcoded in the malware, for $10.69 during the early stages of the attack.

The Risks of Smartphone and MFA Usage in Organizations

Smartphones have become essential in workplaces for boosting productivity, but they bring their own set of security challenges. Apps like Microsoft Authenticator add an extra security layer, but they also have their vulnerabilities: If a smartphone with an app like Microsoft Authenticator is compromised, the consequences can be severe for a company.

BianLian Ransomware: Victimology and TTPs

BianLian is a threat actor known for operating the BianLian ransomware. Initially, it emerged as an Android banking trojan back in 2019. Much like the traditional Chinese art of “face-changing” from which it takes its name, BianLian has displayed impressive adaptability. It has transitioned its activities to primarily focus on ransomware attacks, first appearing as a ransomware strain in July 2022.