Blog

Blog

MITRE ATT&CK October Update: Extending to the Cloud

MITRE’s ATT&CK framework is ever evolving. The latest October update extends enterprise coverage to the cloud and adds a considerable list of cloud-specific adversarial techniques. The cloud has seen phenomenal growth over the past few years, as it offers businesses flexibility, reliability and cost-savings. Along with this growth comes new security...
Blog

Phishing Email Instructs Users to Click on "Keep Same Password" Button

Digital fraudsters have launched a new phishing campaign whose attack emails instruct recipients to click on a "Keep same password" button. Bleeping Computer observed that the phishing campaign uses attack emails that arrive with "Account Update" as their subject line. The emails list recipients' email addresses and inform them that their account...
Blog

Aligning SECaaS with Your Organization’s Cloud Security Needs

One cannot underestimate the effect that the ongoing skills gap is having on organizations’ digital security strategies. Gartner estimates that the global number of unfilled digital security positions is expected to grow to 1.5 million by 2020. Reflecting this trend, more than 70 percent of organizations feel that hiring skilled infosec personnel...
Blog

Attackers Using PureLocker Ransomware to Target Enterprises' Servers

Researchers have detected a new ransomware family they're calling "PureLocker" which attackers are using to target enterprises' production servers. Intezer detected a sample of the ransomware masquerading as the Crypto++ C++ cryptography library. In their analysis of the sample, they noticed something unusual when they saw that alleged library...
Blog

VERT Threat Alert: November 2019 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s November 2019 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-859 on Wednesday, November 13th. In-The-Wild & Disclosed CVEs CVE-2019-1429 A vulnerability in the scripting engine in Internet Explorer can lead to code execution. The attacker could...
Blog

Mexico's Pemex Said It Quickly Neutralized Digital Attack

Mexican state-owned petroleum company Petroleos Mexicanos (Pemex) said that it quickly neutralized a digital attack that struck its computer systems. In a statement released on November 11, a spokesperson for Pemex said that the company had quickly responded to digital attacks that struck its systems...
Blog

What Is NIST’s Cybersecurity Framework Manufacturing Profile?

Executive Order 13636, “Improving Critical Infrastructure Cybersecurity," directed the development of the voluntary Cybersecurity Framework that provides a prioritized, flexible, repeatable, performance-based and cost-effective approach to manage cybersecurity risk for those processes, information and systems directly involved in the delivery of...
Blog

BlueKeep: What you Need to Know

What is BlueKeep? BlueKeep is the name that has been given to a security vulnerability that was discovered earlier this year in some versions of Microsoft Windows' implementation of the Remote Desktop Protocol (RDP). The vulnerability was described as "wormable" by Microsoft, and users were warned that BlueKeep might be exploited in a similar...
Blog

Moving to the Cloud to Save Money? Think Again…

When I meet with customers, I always ask about their primary objective in moving to the cloud. The majority of these customers have the same response: “to save money.” I can’t blame customers for taking this position. Google “cloud deployment” and the headers are dominated by positive articles that offer up anecdotal evidence of how the cloud can...
Blog

Texas HHS Commission Penalized $1.6M for HIPAA Violations

The Texas Health and Human Services Commission (TX HHS) must pay a civil penalty of $1.6 million for having violated HIPAA. The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) imposed the penalty in response to HIPAA violations that took place between 2013 and...
Blog

Thunder on the Horizon: 4 Security Threats for the Cloud

Security is both a benefit and a concern for enterprises when it comes to cloud computing. On the one hand, Datamation found in its State of the Cloud, 2019 survey that many organizations are moving to the cloud because they found that cloud-service providers (CSPs) offer better all-around security than they could achieve by themselves. Specifically...
Blog

Escaping the Egregious Eleven - Part One

Helping to define and examine the top perceived cloud security threats of the day, the ‘Egregious Eleven’ is the most recent iteration in an evolving set of summary reports published by the Cloud Security Alliance (CSA). It follows on from the ‘Treacherous Twelve,’ which they defined for us in 2016, and the ‘Notorious Nine,’ which they presented in...
Blog

New MegaCortex Ransomware Variant Changes Victims' Windows Passwords

Researchers discovered a new variant of the MegaCortex ransomware family that changes a victim's Windows password upon execution. Discovered by MalwareHunterTeam and reverse engineered by Vitali Kremez, the threat seized the attention of Bleeping Computer when its ransom note stated that "All of your user credentials have been changed and your files...
Blog

Why PAM Should Be a CISO’s Top Priority

Privileged access management (PAM) consists of strategies and technologies for exerting control over the elevated (“privileged”) access and permissions for users, accounts, processes and systems across an IT environment. By implementing an appropriate level of privileged access controls, PAM helps organizations condense their organization’s attack surface and prevent, or at least mitigate, the...
Blog

Harvesting Likes on Social Media or a Window for the Hacker to Climb Through?

So earlier this year, I wrote a piece about how we as humans are so quick to give away personal information to various companies in the quest for discounts or free stuff. As I gave it further thought, I realized that sometimes we give away our personal information in search of something even more abstract: likes. We post pictures of our food, our...
Blog

Nunavut Government's IT System Struck by Ransomware Attack

Officials revealed that the IT system owned and operated by the government of Nunavut fell victim to a ransomware attack. Joe Savikataaq, premier of the most northerly region of Canada, disclosed the security incident in a tweet on November 2 and revealed that recovery efforts were ongoing. https://twitter.com/JSavikataaq/status/1190727062690115586...