Digital Identity

White Phoenix: Beating Intermittent Encryption

Recently, a new trend has emerged in the world of ransomware: intermittent encryption, the partial encryption of targeted files. Many ransomware groups, such as BlackCat and Play, have adopted this approach. However, intermittent encryption is flawed. In this blog post, I will introduce White Phoenix, a tool my team built that takes advantage of the fact that those files aren’t entirely encrypted and can, in the right circumstances, salvage some content from the unencrypted parts of the files.

How to spot a deep fake? #shorts

Andy Thompson, Offensive Security Research Evangelist at CyberArk Labs, returns to Trust Issues for a dive with host David Puner into the latest developments in the world of ransomware. With ransomware events on the rise, Thompson sheds light on the alarming trend of data exfiltration and double extortion. But what’s causing this surge?

Bad Droid! How Shoddy Machine Security Can Topple Empires

The need for strong identity security protocols for humans has been a given for years. Your organization likely has multiple layers of controls to ensure that access to sensitive assets is limited to those that need it. But a certain large, global (well…multi-global) organization that comes to mind on this May the Fourth also had layers of human identity controls that adhered to the principles of least privilege.

Fantastic Rootkits and Where to Find Them (Part 2)

In the previous post (Part 1), we covered several rootkit technique implementations. Now we will focus on kernel rootkit analysis, looking at two case studies of rootkits found in the wild: Husky Rootkit and Mingloa/CopperStealer Rootkit. Through these case studies, we’ll share our insights about rootkit analysis techniques and methodology.

Featured Post

Password Managers: Here to stay?

Password managers have become popular solutions for businesses and individuals seeking to improve the password security of their accounts. The implementation of password management solutions within organisations has enabled security teams to securely store and manage company credentials for online and offline applications by using advanced encryption.

RegTech for KYC & AML: What are the use cases to improve AML Compliance

The detrimental effects that financial crime may have on businesses and their consumers are nothing new to the fintech sector. When it comes to money laundering, this is especially accurate. Fintechs are attractive targets for money launderers since they only offer digital services, which they believe gives them more anonymity and makes it possible for them to perpetrate crimes undetected.

Relentless Threat Activity Puts Identities in the Crosshairs

One set of valid employee credentials can provide an adversary with all they need to log into a business, move laterally, escalate privileges and achieve their goals — whether that’s removing access to accounts, terminating services, destroying data or deleting resources. Identity-based attacks are subtle, but destructive, and organizations must be on high alert for them. CrowdStrike reported 80% of cyberattacks now leverage stolen or compromised credentials.