Over the last year, we have continued to witness web shells breaching organizations worldwide, affecting both edge devices and on-premise web applications. Web shells consistently evade standard controls, posing a persistent threat. Today, the Splunk Threat Research Team is excited to announce the final tool in the ShellSweep collection: ShellSweepX.

Initial Access Brokers (IABs) are threat actors who infiltrate networks, systems, or organizations and sell this unauthorized access to other malicious actors. Instead of executing the entire cyberattack, IABs focus on the initial breach and monetize it by selling access to compromised systems. They assist ransomware operations, particularly RaaS schemes, by streamlining attacks and reducing workload at the start.

In a recent cybersecurity development, eight vulnerabilities have been identified in Microsoft applications for macOS. These flaws could potentially allow attackers to gain elevated privileges or access sensitive data by bypassing the operating system’s permissions-based security model. This blog delves into the nature of these vulnerabilities, their potential impact, and the steps that can be taken to mitigate the risks.

You may be receiving an increase in spam calls if your phone number is on the dark web or people search sites, if you’ve answered spam calls in the past or if your phone number was leaked in a data breach. Spam calls are unwanted calls that could be from telemarketers, robocallers or scammers. Although some spam calls are simply unsolicited, scam calls fall under the category of spam calls but are different due to their malicious nature.

Vendor risk monitoring is the process of continuously identifying, assessing, and managing security risks associated with third-party vendors. This effort is crucial to a successful Vendor Risk Management program as it ensures an organization’s third-party risk exposures remain within acceptable levels throughout each vendor's lifecycle.

Hacktivism is by its very nature reactive, as it involves the use of computer-based techniques as a form of civil disobedience to promote a political agenda or social change. Groups conduct attacks in response to the actions of others, both to encourage or discourage these actions. With the emergence and developments of the Russia-Ukraine war and the Israel-Palestine conflict escalations, there has been a resurgence in hacktivism over the past few years.

The effectiveness of your entire Vendor Risk Management program is contingent on your vendor risk monitoring capabilities. Insufficient vendor security monitoring that fails to detect cyber risks during onboarding or any new cybersecurity risks throughout the vendor lifecycle will inevitably emerge later on as a major breach risk. To help you choose a vendor risk monitoring solution that will maximize your VRM investment, this post ranks the top eight vendor monitoring platforms on the market in 2024.

Today’s blog installment brings us to the end of our 30-week journey that covered 30 cybersecurity topics that I felt would be of interest to a wide variety of security practitioners, such as Security Architects, Security Admins, and Security Auditors. I hope everyone found it as helpful as I found it to write. So, let’s move on with our last topic.