Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

knowbe4

Be Careful of Malicious Ads

Dec 12, 2024 By Roger Grimes In KnowBe4
For decades, we have all been warned to be appropriately skeptical of internet search engine results. Sadly, most people are not. Most people think that what Google, Bing, or Duck Duck Go brings back is heaven sent and can be trusted. It cannot. Results often include malicious links from search engine optimization (SEO) poisoning, where the attacker has been able to trick the search engine into returning its URL when a user searches for something.
Read Post
fidelis security

Defending Your Active Directory Against Ransomware: Essential Strategies for Protection

Dec 12, 2024 By Fidelis Security In Fidelis Security
Did you know that 59% of organizations have been hit by ransomware, with Active Directory (AD) often being the primary target for attackers seeking credential theft and privilege escalation? With AD being basically the heart of enterprise IT from the permissions management and granting view, these ransomware threats automatically go against it and hence protecting them is pretty much important so to keep the organization safe.
Read Post
Arctic Wolf

Cleo Releases Patches for Cleo MFT Zero-day Vulnerability

Dec 12, 2024 By Andres Ramos In Arctic Wolf
On December 11, 2024, Cleo released patches addressing the zero-day vulnerability recently observed in attacks targeting Cleo Managed File Transfer (MFT) products. This vulnerability allowed unauthenticated threat actors to import and execute arbitrary shell commands on Windows and Linux on affected devices by exploiting default settings of the Autorun directory. The fix is included in version 5.8.0.24, and is now available for Cleo Harmony, VLTrader, and Lexicom.
Read Post
Arctic Wolf

Cleopatra's Shadow: A Mass Exploitation Campaign Deploying a Java Backdoor Through Zero-Day Exploitation of Cleo MFT Software

Dec 12, 2024 By Stefan Hostetler, Julian Tuin, Aaron Diaz, Jon Grimm, and Cole Bosma In Arctic Wolf
In December 2024, Arctic Wolf Labs observed a mass exploitation campaign involving Cleo Managed File Transfer (MFT) products for initial access. The execution chain involved an obfuscated PowerShell stager, a Java loader, and ultimately a Java-based backdoor, which we will refer to as Cleopatra. In this article we will provide insight into the execution chain in this campaign, obfuscated malicious payloads deployed, and surrounding threat intelligence context around these activities.
Read Post
trilio

Cold Data Storage: How to Optimize Your Data Storage Strategy

Dec 12, 2024 By David Safaii In Trilio
Organizations face mounting pressure as their data storage needs multiply each year. The challenge lies in managing vast amounts of information that must be preserved but rarely sees active use. Cold data storage offers a smart solution for storing this infrequently accessed data while keeping costs under control. Cold storage systems excel at housing compliance archives, historical records, and backup files, all while maintaining accessibility when these assets are needed.
Read Post
Trustwave

Analyzing Salt Typhoon: Telecom Attacker

Dec 12, 2024 By Trustwave In Trustwave
Salt Typhoon is a Chinese-speaking threat actor that the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have tied to a series of attacks that breached and exfiltrated data from several of the world's most prominent telecommunications companies. Trustwave SpiderLabs has created a deep analysis of the threat group Salt Typhoon, detailing the group's history, techniques, tactics, and procedures (TTP), and preferred targets.
Read Post

Securing Infrastructure Access at Scale in Large Enterprises

Dec 12, 2024 By Teleport In Teleport
The complexity and scale of computing infrastructure has exploded in recent years. In larger organizations, managing access, identities, and policies for people and machines to securely access diverse infrastructure resources – such as physical machines and servers, clouds, software apps, services, APIs – is a daunting task. The larger the organization, the more costly and difficult it becomes to wrangle the complexity of this infrastructure in a way that is secure, efficient, and resilient.
View Video

Copyright © 2024 OpsMatters™. All rights reserved.