Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

This blog is the latest in a series dedicated to Zhadnost, a Russia-aligned botnet first discovered by SecurityScorecard in March.

Today, we’re happy to announce that Tines and Elastic are partnering to help our joint users detect security threats and reduce mean time to respond. Many of the world’s best security teams rely on the power of Elastic’s high-speed, cloud-scale detection, prevention, and response capabilities to investigate and contain potential security threats within their environments.

Multi-factor authentication prompt bombing is the strongest proof that not all MFA solutions are secure. This social engineering technique has been generating a lot of interest in recent weeks as cybercriminal groups have deployed it successfully as in the case of the Lapsus$ attacks.

Penetration testing is something that more companies and organizations should be considering a necessary expense. I say this because over the years the cost of data breaches and other forms of malicious intrusions and disruptions are getting costlier. Per IBM Security’s “Cost of a Data Breach Report 2021,” the average cost of a breach has increased 10% year over year, with the healthcare sector having the highest cost breaches for 11 consecutive years.

Cyber-attacks are becoming more sophisticated and devastating, especially for small and medium enterprises (SMEs). With ransom demands rising and the cost of data breaches soaring, businesses are investing heavily in building their cyber defenses. However, cybersecurity is not bullet-proof. Buying a cyber risk insurance program can help outsource residual risk, and deploying multi-factor authentication is a prerequisite not only for getting coverage but also for lowering premiums.

Most software today isn’t developed entirely from scratch. Instead, developers rely on a range of third-party resources to create their applications. By using pre-built libraries, developers don’t need to reinvent the wheel. They can use what already exists and spend time on proprietary code, helping to differentiate their software, finish projects quicker, reduce costs, and stay competitive. These third-party libraries make up part of the software supply chain.

The Splunk Threat Research Team recently developed a new analytic story, Active Directory Kerberos Attacks, to help security operations center (SOC) analysts detect adversaries abusing the Kerberos protocol to attack Windows Active Directory (AD) environments. In this blog post, we’ll describe some of the detection opportunities available to cyber defenders and highlight analytics from the analytic story.

Across the thousands of cyber incidents that Kroll’s global team investigates every year, our experts are constantly on the hunt to spot established patterns of threat actor activity—and to discover new ones. In observing attack patterns, our experts discovered that threat actors like repeatability. Certain actors can be predictable not only in how they attack, but also in the tools and tactics they use once they have access.

Why Are Low-Code Platforms Becoming the New Holy Grail of Cyberattackers? Low-code/no-code platforms for enterprise are booming. With more and more critical business assets now stored and handled by these platforms, it is essential to understand that low-code often leads to a large attack surface. This article will explore low-code/no-code from an attacker’s perspective to better understand their potential weaknesses and showcase why they are becoming the new holy grail for cybercriminals.

Everyday life depends on the internet, from online banking to shopping online in this digital world. However, with the increase in the use of networking, cyber-crimes have also increased, which results in the stealing of sensitive data and the spreading of malicious software through unnatural links. Here comes the importance of Public Key infrastructure. PKI is based on data encryption which secures online data from cyber-attacks.