Identity & Access December 21, 2022

Beware of What Is Lurking in the Shadows of Your IT

6 min read - This post was written with contributions from Joseph Lozowski. Comprehensive incident preparedness requires building out and testing response plans that consider the possibility that threats will bypass all security protections. An example of a threat vector that can bypass security…

News November 30, 2022

Abuse of Privilege Enabled Long-Term DIB Organization Hack

2 min read - From November 2021 through January 2022, the Cybersecurity and Infrastructure Security Agency (CISA) responded to an advanced cyberattack on a Defense Industrial Base (DIB) organization’s enterprise network. During that time frame, advanced persistent threat (APT) adversaries used an open-source toolkit…

Intelligence & Analytics March 16, 2022

IOCs vs. IOAs — How to Effectively Leverage Indicators

4 min read - Cybersecurity teams are consistently tasked to identify cybersecurity attacks, adversarial behavior, advanced persistent threats and the dreaded zero-day vulnerability. Through this endeavor, there is a common struggle for cybersecurity practitioners and operational teams to appropriately leverage indicators of compromise (IOCs)…

Intelligence & Analytics May 13, 2021

What Is SIEM and How Does it Work? The Past, Present and Future

7 min read - Security information and event management (SIEM) solutions provide organizations centralized visibility into their IT and even sometimes OT environments. At a high level, a SIEM turns data into actionable insights by: Ingesting a vast amount of event data from across…

Intelligence & Analytics April 16, 2021

Combating Sleeper Threats With MTTD

6 min read - During the SolarWinds Orion supply chain compromise, threat actors lurked in the victim’s network for more than a year. Discovered by FireEye in December 2020, the earliest traces of a modified SolarWinds Orion go back as early as October 2019.…

Incident Response February 10, 2021

Smell the Attack? Sensory-Immersive Cyber Range Training for Industry 4.0

7 min read - Humanity has been through a number of industrial revolutions since the 1760s, and is now at its fourth cycle of sweeping industrial innovation, known as Industry 4.0. It is characterized by the ongoing automation of traditional manufacturing and industrial practices…

September 25, 2020

Mercenary Group Targets Real Estate and Architecture Firm

2 min read - A digital espionage attack against an international architectural and video production company fit the profile of advanced persistent threat (APT) mercenary groups, Bitdefender revealed on Thursday, August 20.   At the time of analysis, this company had offices in London,…

April 15, 2020

APT41 Distributing Speculoos Backdoor in New Attack Campaign

2 min read - Security researchers discovered an attack campaign in which APT41 distributed the Speculoos backdoor by exploiting CVE-2019-19781.

April 15, 2020

Phishing Campaign Tries to Fool WebEx Users With Bogus IT Security Warnings

2 min read - A phishing campaign is targeting WebEx users who are working from home by spoofing IT security alerts, according to security researchers.

March 30, 2020

Weekly Security News Roundup: 24 Children’s Gaming Apps Laden With Tekya Clicker

2 min read - Researchers found a new clicker malware called "Tekya" hidden within 24 children's games on the Google Play store. Read on to learn what else happened last week in security news.