Attackers always seek the easiest path to get into our systems and compromise data. System misconfigurations and insecure default settings are often the criminals' favorite vectors since these errors allow them easy access to critical systems and data. The rise of misconfiguration errors was primarily driven by cloud data storage implementations deployed without appropriate access controls.
The NSA has published a guide about how to mitigate against attacks involving the BlackLotus bootkit malware, amid fears that system administrators may not be adequately protected against the threat. The BlackLotus UEFI bootkit made a name for itself in October 2022, when it was seen being sold on cybercrime underground forums for $5,000.
How the right partnership can be a springboard for IT transformation.
For more than 30 years, we’ve been living in a world where one of the most widely-used applications is the web browser. Despite being designed primarily for consumer use, browsers have become essential to how enterprises operate – serving as the connective tissue between identities, applications and data. And yet, despite all of the advancements leading to today’s digital and cloud-centric world, one of the least secure applications is … the browser.
On the 31st of May 2023 a public warning was issued by MOVEit, regarding a critical SQL injection vulnerability found in in their systems. This vulnerability allowed malicious actors to gain access to the database. The flaw, known as CVE-2023-34362, was identified on the 2nd of June, but it had already been exploited four days before the alert. By the end of May, approximately 2,500 instances of MOVEit file transfers were discovered to be exposed online, primarily in the United States.
Kroll has analyzed incidents throughout Q1 2023 where drive-by compromise was the initial infection vector for GOOTLOADER malware. It is likely that the threat actors are utilizing SEO to drive individuals to either their own malicious website or to infected WordPress sites. These sites are then used to host documents that would be attractive to employees within the legal and professional services sectors.
A lot has changed in the world of Code Signing since the month of June. And you must be curious about it too! The blog will explain key attestation, supporting hardware, and the pros and cons of using this method to deliver code signing certificates. New guidelines for distributing code signing certificates went into effect on June 1, 2023, to increase security. One of the most significant improvements requires the delivery of certificates using safe Hardware Security Modules (HSMs.
Despite the security controls that OpenAI has imposed on ChatGPT to try to make it a secure space capable of assisting users in a variety of tasks, cybercriminals have managed to exploit this technology for malicious purposes. Recent research has shown that this generative artificial intelligence is capable of creating a new branch of polymorphic malware with relative ease. The main risk lies in ChatGPT's versatility, which allows it to create code that could easily be used for malware.
Zero Trust has been a concept since 2009 when Forrester first realized that traditional security models operated on the outdated assumption that everything inside an organization’s network should be trusted. 14 years later, the rule of “Never Trust, Always Verify” has never been more important, especially as data breaches continue to make headlines on a seemingly daily basis.
New data shows that even with the majority of organizations experiencing cyber attacks, three hours of security awareness training simply isn’t enough.
