Risk Management January 10, 2023

RomCom RAT Attack Analysis: Fake It to Make It

4 min read - The RomCom RAT has been making the rounds — first in Ukraine as it went after military installations, and now in certain English-speaking countries such as the United Kingdom. Initially a spear-phishing campaign, the RomCom attack has evolved to include…

News December 28, 2022

Ukrainian Threat Actor Unmasked in Connection With Raccoon Malware

3 min read - On October 5, 2022, a newly unsealed federal grand jury indictment charged Ukrainian national Mark Sokolovsky, 26, for his alleged role in a global cyber operation known as Raccoon Infostealer. For years this malware has infected millions of computers, compromising…

Identity & Access December 21, 2022

Beware of What Is Lurking in the Shadows of Your IT

6 min read - This post was written with contributions from Joseph Lozowski. Comprehensive incident preparedness requires building out and testing response plans that consider the possibility that threats will bypass all security protections. An example of a threat vector that can bypass security…

Cloud Security December 15, 2022

How Posture Management Prevents Catastrophic Cloud Breaches

3 min read - We’ve all heard about catastrophic cloud breaches. But for every cyberattack reported in the news, many more may never reach the public eye. Perhaps worst of all, a large number of the offending vulnerabilities might have been avoided entirely through…

CISO November 23, 2022

Emotional Blowback: Dealing With Post-Incident Stress

4 min read - Cyberattacks are on the rise as adversaries find new ways of creating chaos and increasing profits. Attacks evolve constantly and often involve real-world consequences. The growing criminal Software-as-a-Service enterprise puts ready-made tools in the hands of threat actors who can…

Risk Management November 14, 2022

How the DNSChanger Shutdown Changed Cybersecurity

3 min read - On the morning of July 9, 2012, the world braced for an “internet doomsday”: a full-scale crash of the global internet. Except it didn’t happen. And that non-event represented the culmination of a long and successful coordinated action taken between…

Data Protection October 13, 2022

How Do Data Breaches Impact Economic Instability?

4 min read - Geopolitical conflict, inflation, job market pressure, rising debt — we’ve been hearing about economic headwinds for a while now. Could data breaches have anything to do with this? According to a recent IBM report, the average cost of a data…

News August 31, 2022

40% of Zero Day Exploits From the Last Decade Happened in 2021

2 min read - Zero-day vulnerabilities are increasing. Attackers can exploit these weaknesses in the wild before a patch becomes publicly available. Until white hats mitigate a zero-day vulnerability, actors can freely exploit it to breach data, systems and networks. According to a Mandiant…

Government August 29, 2022

How Cybersecurity Policy Has Changed Since the SolarWinds Attack

3 min read - Major cyberattacks since 2019 jolted the U.S. government and software industry into action. The succeeding years have seen executive orders, new funding, two summits and a newfound resolve. Because of those attacks, the federal government aims to fix the open-source…

Healthcare August 11, 2022

Incident Response for Health Care IT: Differences and Drivers

4 min read - Threat actors continue to target the health care industry. IBM’s Threat Intelligence Index for 2022 rates the industry as the sixth most targeted. That puts it close behind the energy and retail and wholesale sectors. Certain regions seem to be…