Blog

Blog

The MITRE ATT&CK Framework: Impact

Not all attackers are trying to exfiltrate data. In security, we’re all familiar with CIA triad—confidentiality, availability, and integrity. While Exfiltration describes adversarial behavior with the goal of violating confidentiality, attackers may look to manipulate, interrupt, or destroy your systems and data. The Impact tactic describes...
Blog

Google Docs Forms Abused by Phishers to Harvest Microsoft Credentials

Security researchers detected several phishing campaigns that leveraged a Google Docs Form to target users' Microsoft credentials. Cofense observed that the phishing emails originated from a compromised email account with privileged access to financial services provider CIM Finance. By using CIM Finance's website to host their phishing emails, the...
Blog

NetOps vs DevOps vs DevSecOps - What's the Difference?

One thing I have noticed is that each industry comes up with their own terms and acronyms. Unfortunately, these inventions often vary depending on the person you speak to due to a lack of a governing body that decides on an exact definition. At times, acronyms can even overlap, causing further confusion. Therefore, when it comes to definitions, I...
Blog

How to Get Started in Digital Forensics

If you want to become a digital forensic expert, be aware that when entering the field, you will be presented with an abundance of information that you will not know. It is a wonderfully challenging career path. Some believe that having the title of a cybersecurity professional (e.g. digital forensics expert, cybersecurity analyst, incident response...
Blog

U.S. Department of Defense Disclosed Data Breach at DISA

The U.S. Department of Defense (DoD) warned that a data breach at the Defense Information Systems Agency (DISA) might have compromised some individuals' personal information. In a photograph of a letter obtained by Reuters, DISA CIO and Risk Management Executive Roger S. Greenwell warned recipients...
Blog

Scammers Use Fake Website to Masquerade as Burning Man Organizers

Scammers created a fake website to masquerade as the organizers of Burning Man and to trick people into buying non-existent tickets for the arts event. Kaspersky Lab discovered a fraudulent website that attempted to capitalize on people's interest in attending the event. The site leveraged the same colors, fonts and design as "burningman.org," the...
Blog

Top Email Security Threats of 2020 - How To Stop Them

As hackers’ methods become more sophisticated, the scale of email security breaches and the frequency at which they occur grow greater with each passing year. In 2019 alone, an estimated 2 billion unique email addresses, accompanied by over 21 million unique passwords, were exposed within a single data breach. After the initial panic, it became...
Blog

Mental Health for Hackers: Contents Under Pressure

In 2011, I was in the middle of sitting down when I suddenly felt prickling sensations start from my toes, spread up my legs, and make their way into my arms. I was gasping for air. As the sensation traveled up my spine, it overwhelmed my head, and my heart struggled to keep up. Desperate for air and covered in tears, I started praying. I was scared...
Blog

AZORult Trojan Disguised Itself as Fake ProtonVPN Installer

Security researchers observed samples of the AZORult trojan disguising themselves as fake ProtonVPN installers for distribution. Back in November 2019, malicious actors launched this attack campaign by registering the domain "protonvpn[.]store" with a registrar based in Russia. One iteration of the campaign used malvertising as its initial infection...
Blog

10 Must-See Talks to Attend at RSA Conference 2020

RSA Conference USA is one of the most anticipated digital security events of the year. Last year, its 31 keynote presentations, more than 621 speaker sessions, 700 presenting companies on the exposition floor attracted over 42,000 attendees. Given such popularity, how could the State of Security not include this event in its list of the top...
Blog

Zero Trust Approach to Threat Intelligence – BSidesSF Preview

Zero Trust is a security concept that is based on the notion that organizations should not take trust for granted, regardless of whether access attempts originate from inside or outside its perimeters. An enterprise needs to verify any attempt for connection to its systems before granting access. At the same time, the defensive layers that define...
Blog

Payment Card Data Security Incident Disclosed by Rutter's

Convenience store and gas station chain Rutter's disclosed a security incident that might have affected customers' payment card data. According to a notice posted on its website, Rutter's launched an investigation after receiving a report from a third-party of someone having gained unauthorized...
Blog

Puerto Rico government falls for $2.6 million email scam

As if Puerto Rico wasn't having a hard enough time as it attempts to recover from a recession, the damage caused by devastating hurricanes in recent years, and a damaging earthquake last month, it now finds itself being exploited by cybercriminals. According to media reports, the government of the US island territory has lost more than US $2.6...
Blog

'Ransomwared' Ransomware Strain Demands Explicit Pictures as Payment

Security researchers spotted a new ransomware strain called "Ransomwared" demanding explicit pictures from its victims as a means of payment. Upon successful infection, Ransomwared runs its encryption routine, appending the file extensions ".ransomwared" and ".iwanttits" to each file it encrypts. Given the names of the file extensions, it's not...