Blog

Blog

CISO: What the Job REALLY Entails and How It’s Evolved over the Years

All of us know what a Chief Information Security Officer (CISO) does from afar. A CISO upholds the organization’s overall security by overseeing the operations of the IS practice, the IT security department and related staff. In this capacity, those who become a CISO attain the highest paying job in information security, as it carries the associated...
Blog

Gift Cards Requested in Two-Thirds of BEC Attacks, Report Reveals

A report revealed that scammers requested funds in the form of gift cards in two-thirds of business email compromise (BEC) attacks. For a phishing trends report from the Anti-Phishing Working Group (APWG), APWG member Agari examined thousands of BEC attacks that occurred in the second half of 2020. It found that 66% of them involved gift cards. By...
Blog

Tripwire Patch Priority Index for August 2020

Tripwire's August 2020 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft, Adobe, and Apple. Up first on the patch priority list this month are patches for Microsoft and Apple for vulnerabilities that have been integrated into various exploits. Metasploit has recently added exploits for Microsoft .NET Framework,...
Blog

SCM in Practice: How to Strengthen Your Organization’s Security Processes

Security configuration management (SCM) involves maintaining a secure baseline configuration for an organization’s systems and monitoring those assets for deviations from that baseline. This fundamental control pairs well with other elements of an organization’s security strategy. As such, SCM enables security teams to harden their organization’s...
Blog

Emotet Switches to 'Red Dawn' Template in Weaponized Word Documents

Researchers observed that the Emotet gang had incorporated a new "Red Dawn" template into their weaponized Word Documents delivered to users. Until recently, Emotet's handlers had been targeting users with a iOS-themed document template for their malicious Word documents. The template explained that a sender had created the document on iOS, and it...
Blog

¿Te mudas a la nube para ahorrar dinero? Piénsalo de nuevo …

La mayoría de los clientes tienen en mente "ahorrar dinero" al pasarse a la nube. El "cloud deployment" de Google y encabezados de blogs y sitios de noticias están dominados por artículos positivos que ofrecen evidencia anecdótica de cómo la nube puede ahorrar dinero a los clientes. Más comúnmente, los consultores en la nube o los proveedores de la...
Blog

North Korea's BeagleBoyz Resumes International Attacks Targeting Banks

North Korea's BeagleBoyz team resumed its efforts to target banks worldwide with fraudulent money transfers and ATM cash outs. On August 26, the Cybersecurity and Infrastructure Security Agency (CISA) published Alert (AA20-239A) in coordination with the Department of the Treasury (Treasury), the Federal Bureau of Investigation (FBI) and U.S. Cyber...
Blog

IoT Devices in Different Industries and How to Secure Them

Today, data analytics, automation, connectivity, and remote monitoring have made great progress and have brought innovations in every sphere of modern civilization. The digitization in day-to-day human activities has been revolutionized by the Internet of Things (IoT). Based on Gartner’s Forecast database, we can expect that there will be...
Blog

3 Areas of Your IT Infrastructure that SCM Can Help to Secure

Gone are the days when security teams could focus all of their efforts on keeping attackers out of the network. There’s no inside or outside anymore. The modern network is porous; it allows greater numbers and types of devices to connect to it from all over the world. This characteristic might serve organizations’ evolving business needs as they...
Blog

RDP Used by Iranian Actors in International Dharma Ransomware Attacks

Iranian actors leveraged the Remote Desktop Protocol (RDP) as part of an international campaign to target companies with Dharma ransomware. Group-IB uncovered the campaign while conducting an incident response engagement for a Russian company in June 2020. As part of its investigation, the digital security solutions provider's digital forensics team...
Blog

How IT-OT Security Has Changed in the Wake of COVID-19

After the global outbreak of coronavirus 2019 (COVID-19), organizations quickly transitioned to remote work in order to enforce social distancing and to keep their employees safe. But this work-from-home arrangement opened up organizations to more risk as well as less redundancy and resilience. That’s especially the case for organizations with...
Blog

University of Utah Paid Over $450K to Ransomware Attackers

The University of Utah paid a fee of more than $450,000 to attackers after they infected a portion of its servers with ransomware. The University of Utah's CSBS building. On July 19, 2020, the Information Security Office (ISO) notified the university's College of Social and Behavioral Science (CSBS)...