Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

When was the last time you performed your cybersecurity audit? An audit of complete cybersecurity management, not a simple scan. If it has been longer than you remember, then you are probably at risk of being a victim of cyberattacks. As the world becomes increasingly interconnected, the risk of cyberattacks escalates. To safeguard against these threats, it is essential to have a robust cybersecurity management system in place.

During 2022 and the first quarter of 2023 Cyberint noticed an increased trend in Threat Actors engaging in malvertising, AKA abusing the ad space to distribute their phishing & malware campaigns. Malvertising increases their reach and potential victims due to advertisement prioritization in search engine results. This trend is a lesser-known risk among the general public, and therefore poses a higher threat.

In today's interconnected world, securing the software supply chain is crucial for maintaining robust application security. Developers often rely on package managers to import third-party code and libraries, but this convenience comes with risks. Insecure code downloads can introduce vulnerabilities that compromise the integrity of your software. In this blog post, we will explore essential steps to secure the supply chain and prevent developers from downloading insecure code from package managers.

System administrators hold the keys to your organization’s cybersecurity. However, their accounts can also be a source of cybersecurity risks to your company. Both cybercriminals and malicious administrators can exploit the elevated privileges for their own benefit. In this article, we explore key risks coming from admin accounts and offer seven effective best practices on how to protect administrative access to your organization’s critical systems and data.

Doxxing, also spelled doxing, is when a threat actor publishes Personally Identifiable Information (PII) about their target online. This can include publishing the target’s place of employment, home address, credit or debit card numbers and any other sensitive information. The purpose of the threat actor publishing another person’s PII varies, but most commonly has to do with harassment.

The public sector is critical to national and international security. Yet, new research from SecurityScorecard and the Cyentia Institute found that 61.6% of public sector agencies have open cyber vulnerabilities, taking a median of 309 days to remediate. What’s more, 53% of public sector agencies are losing ground closing their cyber vulnerabilities, due in large part to a greater reliance on third-party vendors with less-than-optimal cybersecurity hygiene.

Being one of the world’s largest cloud platforms comes with its own set of challenges. In the case of AWS, the major challenge is maintaining their platform’s security.

Mobile devices have become indispensable in our modern lives, enabling us to stay connected, access information, and conduct transactions on the go. However, the rise of mobile usage for accessing corporate information is attracting the increased attention of cybercriminals seeking to exploit vulnerabilities and gain unauthorized access to sensitive data.

Bad enough for your company to be held to ransom after a cyber attack. Worse still to then have one of your own employees exploit the attack in an attempt to steal the ransom for themselves. That's the situation gene and cell therapy firm Oxford BioMedica found itself in. On 27 February 2018, the Oxford-based firm discovered that it had suffered a cyber attack after it received a ransom demand from a malicious hacker explaining that they had broken into the company's systems.

On Wednesday, the 24th of May, 2023, Zyxel released a security advisory for several vulnerabilities capable of granting unauthenticated remote code execution (RCE) in their line of Firewall and VPN products, tracked as CVE-2023-33009 and CVE-2023-33010. These buffer overflow vulnerabilities are also capable of inducing denial of service conditions.