Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Securing the Cyber Kill Chain

We recognize that federal agencies face a wide range of cyber threats in today’s hybrid and cloud work environment, which requires securing multiple endpoints. From nation-states to organized crime groups, adversaries are looking to steal data at the highest levels of government, and the stakes have never been higher. Protecting sensitive information, ensuring national security and safeguarding public trust all hinge on effective cybersecurity strategies.

Hackers Exploit Exposed Selenium Grid Servers for Proxyjacking and Cryptomining

Hackers are increasingly targeting exposed Selenium Grid servers, hijacking them for cryptomining and proxyjacking activities. Selenium, an open-source browser automation tool widely used for web application testing, has become a valuable target for cybercriminals. As these servers often lack proper security measures, threat actors are seizing the opportunity to leverage them for their own gain.

Critical Adobe Acrobat Reader Zero-Day Patched: Public PoC Exploit Detected

Adobe has recently addressed a critical vulnerability in its Acrobat Reader software, urging users to update immediately. The flaw, tracked as CVE-2024-41869, is a "use after free" vulnerability, which could allow attackers to execute malicious code remotely through specially crafted PDF files. This article explores the nature of this exploit, its discovery, and the urgency behind updating to the latest version.

Thwart cyber threats with 11:11 Application and Zero Trust Services.

Cybercrime and ransomware are a way of life, with almost-daily news about new data breaches. 2024 set a record for the largest ransomware payment ever made. According to Forbes, the ransomware group the “Dark Angels” extracted $75 million, the single largest known ransomware payment ever made. And it is only getting worse. This is why we’re adding to our managed security services and trying to make it easier for our customers to combat online threats.

The Importance of Operational Resilience in Private Equity: Safeguarding and Enhancing Portfolio Value

In the dynamic world of private equity (PE), the ultimate goal is clear: maximise the value of portfolio companies to achieve strong returns on investment. Achieving this requires a multifaceted approach, where operational efficiency, financial growth, and strategic direction are all essential components. However, one often-overlooked aspect that can make or break the success of these investments is operational resilience.

New Latin American fraud rules demand real-time action: Is your bank ready?

With Latin America facing an unprecedented increase in claims for unrecognized credit and debit card transactions, banks and card issuers are directly feeling the impact of fraud and cyber-attacks that are growing more sophisticated by the day. Recent regulations have been implemented across Latin America to address a variety of payment fraud, including an unprecedented surge in claims of unrecognized transactions involving debit, credit and financing products.

Critical triggers to reassess your SIEM: when and why to evaluate

You wouldn’t drive a car that hasn’t been serviced in a decade. So why are you still trusting a legacy SIEM solution? The world of cybersecurity is in a constant state of flux, and your security information and event management (SIEM) needs to keep up. If you’re not regularly reassessing it, you might as well roll out the red carpet for hackers. Let’s discuss when and why you should seriously consider giving your SIEM a much-needed check-up.

What's new in Cloud SIEM Content Packs: September 2024

Implementing a security incident and event management (SIEM) system can be complex and often requires considerable expertise. Teams need to configure a variety of data sources and ensure their SIEM can scale with growing data volumes. In addition, users need time to learn the system, which can delay value realization. And SIEMs also need continuous maintenance to ensure threat intelligence, detection rules, and integrations are up to date.

Crystal Rans0m: Emerging hybrid ransomware with stealer capabilities

Crystal Rans0m is a previously undocumented hybrid ransomware family developed in the Rust programming language and seen for the first time in the wild on September 2nd, 2023. Interestingly, it not only encrypts victims’ files, demanding a ransom for their release, but also steals sensitive information from the infected systems. This dual-threat approach means that attackers can double their leverage over victims, potentially increasing their chances of monetizing their attacks.