Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

The Largest and Most Notorious Cyber Attacks in History

Cyber attacks are deliberate attempts to steal, alter, or destroy data or to disrupt operations and to damage the digital parts of a critical infrastructure. This blog post explores the most destructive major cyber attacks in history, detailing the underlying motives and impact, and then offers prevention and detection best practices.

CVE-2024-12356: Critical Severity Command Injection Vulnerability in BeyondTrust Remote Support (RS) & Privileged Remote Access (PRA)

On December 16, 2024, BeyondTrust published a security advisory outlining a vulnerability impacting their Remote Support (RS) and Privileged Remote Access (PRA) software. The flaw, CVE-2024-12356, is a critical severity command injection vulnerability. If successfully exploited it can allow an unauthenticated remote threat actor to execute underlying operating system commands within the context of the site user.

Arctic Wolf Observes Targeting of Publicly Exposed Fortinet Firewall Management Interfaces

Since early December 2024, Arctic Wolf has been monitoring threat activity involving the malicious use of management interfaces on FortiGate firewall devices on the public internet. While our investigation into this activity is ongoing and the scope is yet to be fully determined, organizations running these products should ensure that they are adhering to security best practices for management access of firewall devices.

DR Guide for Humans: Keys to Understanding MDR, EDR, NDR, XDR (PART 2)

EDR protects organizations' endpoints and surpasses the capabilities of traditional antivirus solutions focused solely on preventing known attacks. Its main strength is detecting and responding to advanced threats that have evaded previous security controls.

Protect Your Data within your Generative AI workflow with Protegrity on AWS Bedrock

Collaboratively authored by Anthony Cammarano, Mario Vargas, Muneeb Hasan, Alexandre Charlet, Andre Castro, Vic Levy, Ken Darker and Iwona Rajca Generative AI (GenAI) applications are revolutionizing how businesses interact with data, primarily through Retrieval-Augmented Generation (RAG) pipelines, combining language models with vast enterprise knowledge bases. These pipelines allow organizations to query extensive internal datasets in real time.

Seamless API Threat Detection and Response: Integrating Salt Security and CrowdStrike NG-SIEM

APIs are essential for modern digital business operations, enabling smooth connectivity and data exchange between applications. However, the growing dependence on APIs has unintentionally widened the attack surface, making strong API security a vital concern for organizations. Traditional security measures often prove inadequate in effectively safeguarding this changing landscape.

[Heads Up] Bad Actors Use Voice Phishing in Microsoft Teams To Spread DarkGate Malware

Threat actors are using voice phishing (vishing) attacks via Microsoft Teams in an attempt to trick victims into installing the DarkGate malware, according to researchers at Trend Micro. “The attacker used social engineering to manipulate the victim to gain access and control over a computer system,” Trend Micro says.

Critical Infrastructure Under Siege: 42% Spike in Ransomware Attacks on Utilities

Ransomware attacks targeting utilities have surged by 42% over the past year, with spear phishing playing a major role in 81% of cases, according to a ReliaQuest study spanning November 2023 to October 2024. Analyzing data from its GreyMatter platform and dark web activity, ReliaQuest found that utilities like water and energy systems are disproportionately affected. Their critical role in infrastructure makes them prime targets for cybercriminals.

Securing Your Healthcare Supply Chain: A Guide to Supply Chain Detection and Response

The Evolving Threat Landscape In today’s interconnected healthcare landscape, supply chain security has emerged as a critical concern. Cyber threats are becoming increasingly sophisticated, targeting vulnerable points in the supply chain to infiltrate networks and steal sensitive patient data. As a result, healthcare organizations must prioritize the security of their vendors and partners to protect their own operations and patient information. What is Supply Chain Detection and Response?