Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Introducing Tanium Ask: Using AI to Get Questions Answered

How many questions does your organization need to answer about your endpoints every day, and how long does it typically take to get the answer? How often do these questions require an operator with great expertise to provide accurate answers? Do the questions feel like they are resulting in fire drills for your teams?

The Cost of Being A CISO - Part: 1Personal, Professional & Organisational Challenges

Join us for part one of our two-part series examining the world of Chief Information Security Officers. This episode welcomes back Richard Cassidy, Field CISO at Rubrik, and Oliver Rochford, former Gartner analyst and founder of Cyberfuturist. This episode offers insights that will give you insight into what makes security leadership successful - and what can lead to failure.

Be Careful of Malicious Ads

For decades, we have all been warned to be appropriately skeptical of internet search engine results. Sadly, most people are not. Most people think that what Google, Bing, or Duck Duck Go brings back is heaven sent and can be trusted. It cannot. Results often include malicious links from search engine optimization (SEO) poisoning, where the attacker has been able to trick the search engine into returning its URL when a user searches for something.

Defending Your Active Directory Against Ransomware: Essential Strategies for Protection

Did you know that 59% of organizations have been hit by ransomware, with Active Directory (AD) often being the primary target for attackers seeking credential theft and privilege escalation? With AD being basically the heart of enterprise IT from the permissions management and granting view, these ransomware threats automatically go against it and hence protecting them is pretty much important so to keep the organization safe.

Cleo Releases Patches for Cleo MFT Zero-day Vulnerability

On December 11, 2024, Cleo released patches addressing the zero-day vulnerability recently observed in attacks targeting Cleo Managed File Transfer (MFT) products. This vulnerability allowed unauthenticated threat actors to import and execute arbitrary shell commands on Windows and Linux on affected devices by exploiting default settings of the Autorun directory. The fix is included in version 5.8.0.24, and is now available for Cleo Harmony, VLTrader, and Lexicom.

Cleopatra's Shadow: A Mass Exploitation Campaign Deploying a Java Backdoor Through Zero-Day Exploitation of Cleo MFT Software

In December 2024, Arctic Wolf Labs observed a mass exploitation campaign involving Cleo Managed File Transfer (MFT) products for initial access. The execution chain involved an obfuscated PowerShell stager, a Java loader, and ultimately a Java-based backdoor, which we will refer to as Cleopatra. In this article we will provide insight into the execution chain in this campaign, obfuscated malicious payloads deployed, and surrounding threat intelligence context around these activities.

Cold Data Storage: How to Optimize Your Data Storage Strategy

Organizations face mounting pressure as their data storage needs multiply each year. The challenge lies in managing vast amounts of information that must be preserved but rarely sees active use. Cold data storage offers a smart solution for storing this infrequently accessed data while keeping costs under control. Cold storage systems excel at housing compliance archives, historical records, and backup files, all while maintaining accessibility when these assets are needed.