Blog

Blog

Prioritizing Changes: File Integrity Monitoring Tools & Best Practices

What does file integrity mean? There’s not enough time in the day to investigate every system change, which means you need laser-sharp focus to quickly find the greatest risks to your business. However, the ever-evolving capabilities of cyber adversaries—coupled with the dynamic nature of corporate networks—makes security prioritization increasingly difficult. To combat enterprise cyberthreats...
Blog

What to Expect from Brazil's New Data Protection Law

The European GDPR (General Data Protection Regulation) is one of the most influential consumer privacy laws that has affected 500,000 companies throughout the world. This law has played a crucial role in formulating another substantial privacy law known as the California Consumer Privacy Act that came into effect on January 1, 2020. Similar to the...
Blog

Foundational Controls Make the Hard Things Easier to Do

Let’s begin with a short story. Imagine that we have two large organizations in the public sector. These entities are very similar. Both are on the receiving end of cyber threats. Both adhere to multiple compliance standards. And both need to ensure that their IT systems are functioning and working as planned. But they’re not entirely the same. Take...
Blog

Find a PlayStation 4 vulnerability and earn over $50,000

Do you think you have found a vulnerability in the Sony PlayStation 4 or the PlayStation Network? If so, you could be heading towards a sizeable sum of money. That's because Sony announced details of a new bug bounty program that it is running in co-ordination with vulnerability-reporting platform HackerOne. Sony is inviting security researchers,...
Blog

Lucifer Malware Abused Windows Exploits for Cryptomining, DDoS Attacks

New malware called "Lucifer" came with numerous exploits for conducting cryptomining functionality and performing distributed denial-of-service (DDoS) attacks on infected Windows machines. Palo Alto Networks' Unit 42 research team identified two versions of Lucifer in their research. (Both variants bore the name "Satan DDoS," but for the sake of not...
Blog

How to Reduce the Risk of Misoperations in Your Bulk Electric Systems

Reliability is essential to the functionality of an electric power grid. This principle guarantees that a constant qualitative and quantitative supply of electric power is flowing from a provider to businesses, homes and more. It’s what enables electric power to drive life forward in modern society. As a result, there’s reason to be concerned about...
Blog

Tripwire Patch Priority Index for June 2020

Tripwire's June 2020 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft, BIND and Oracle. Up first on the Patch Priority Index this month are patches for Microsoft, BIND and Oracle for vulnerabilities that have been integrated into various Exploits. Metasploit has recently added exploits for BIND (CVE-2020-8617),...
Blog

New CryCryptor Ransomware Masqueraded as COVID-19 Tracing App

Security researchers came across a new ransomware family called "CryCryptor" that masqueraded as a Canadian COVID-19 tracing app. CryCryptor emerged just days after the Canadian government announced it would support the development of a national, voluntary tracing app for COVID-19 called "COVID Alert." That official app had not yet entered its...
Blog

State of Insider Data Breaches in 2020

Organizations protect critical assets and sensitive information from the outside world by continually updating their security controls and policies. However, the origin of a breach is not always outside of the organization, and recently, insider breaches have gained attention amid an increase in the flexibility of tools for information sharing....
Blog

Ryuk Ransomware Deployed Two Weeks After Initial Trickbot Infection

Several attack campaigns waited two weeks after achieving a successful Trickbot infection before they deployed Ryuk ransomware as their final payload. SentinelOne came across the attacks as the result of monitoring an attack server employed by Trickbot's handlers. In the process, they discovered data for three separate attacks that occurred in the...
Blog

NitroHack Modifies Windows Discord Client into Infostealing Trojan

Security researchers discovered a new malware threat called "NitroHack" that modifies the Discord client for Windows into an infostealing trojan. MalwareHunterTeam observed malicious actors abusing DM's from infected Discord users as a distribution vector. Specifically, they leveraged those accounts to inform a victim's friends that they could...
Blog

Copied master key forces South African bank to replace 12 million cards

Fraudsters stole more than $3.2 million from the banking division of South Africa's post office, after - in a catastrophic breach of security - employees printed out the bank's master key. According to South African media reports, the security breach occurred in December 2018 when a copy of Postbank's digital master key was printed out at a data...
Blog

Amazon Web Services Mitigated a 2.3 Tbps DDoS Attack

Amazon Web Services (AWS) said that it mitigated a distributed denial-of-service (DDoS) attack with a volume of 2.3 Tbps. In its "Threat Landscape Report – Q1 2020," AWS Shield revealed that its team members had spent several days responding to this particular network volumetric DDoS attack. In Q1 2020, a known UDP reflection vector, CLDAP...
Blog

The COVID-19 Pandemic Dominates the Cybersecurity World

Cybersecurity is not a static world. You can say that it is a social system, it affects and is affected by its surrounding environment. For example, back in 2018, it was the GDPR that shook the foundations of security and privacy by making the protection of our personal data a fundamental human right. But that was then. What is shaping today’s...
Blog

Odd Protest-Themed Spam Messages Targeted Atlanta Police Foundation

Security researchers came across a series of odd protest-themed spam email messages that appeared to target the Atlanta Police Foundation. SANS' Internet Storm Center observed that the spam messages first appeared to be instances of an extortion scam campaign. With "Crime Research Center" as the sender, the emails claimed in their messages that...
Blog

The MITRE ATT&CK Framework: What You Need to Know

The MITRE ATT&CK Framework has gained a lot of popularity in the security industry over the past year. I have spent a lot of time researching the hundreds of techniques, writing content to support the techniques, and talking about the value to anyone who will listen. What is the MITRE ATT&CK Framework? For those who are not familiar, ATT&CK is the...