Kremlin’s Sandworm blamed for cyberattacks on US, European water utilities

April 17, 2024 at 04:04PM The notorious Russian military cyber unit, Sandworm, linked to GRU intelligence, engaged in cyberattacks on US and European water and hydroelectric utilities, causing disruptions and a water tank overflow. The group has targeted Ukraine and also impacted US and European critical infrastructure. Mandiant warned of the ongoing threat posed by …

CISA Releases Malware Next-Gen Analysis System for Public Use

April 10, 2024 at 04:18PM CISA has made its Malware Next-Gen system available for public use, allowing organizations to submit potentially malicious files or URLs for automatic analysis. The service, previously accessible only to .gov and .mil organizations, has already identified around 200 suspicious or malicious files and URLs, demonstrating its value in cyber threat …

Google reveals zero-day exploits in enterprise tech surged 64% last year

March 27, 2024 at 10:06AM The latest report by Google’s Threat Analysis Group and Mandiant reveals a surge in zero-day exploits targeting enterprise-specific software and appliances, surpassing overall zero-day bugs. The increase signals a shift in malicious exploitation targets, with a significant rise in exploits affecting enterprise technologies. The report also delves into the motivations …

The OODA Loop: The Military Model That Speeds Up Cybersecurity Response

March 25, 2024 at 03:00PM In the fast-paced realm of cybersecurity, time is of the essence. Cybercriminals exploit vulnerabilities within 24 hours of access. To combat this, the OODA Loop Military Model, built on Observe, Orient, Decide, and Act, aids defenders. SASE, a cloud-native architecture, harnesses this model by consolidating security controls, enabling real-time visibility, …

Microsoft Copilot for Security Official Launch Date Announced

March 14, 2024 at 09:15AM Microsoft’s Copilot for Security, using generative AI, will be available globally starting April 1, 2024, following an invite-only program. It enhances security professionals’ capabilities by assisting in incident response, threat hunting, posture management, and intelligence collection using natural language interaction. The solution is based on OpenAI architecture with access to …

GAO: CISA’s OT Teams Inadequately Staffed

March 12, 2024 at 06:27PM The GAO study found that some teams at CISA were inadequately staffed in providing OT products and services. While most entities had positive experiences, there were complaints about insufficient staff, such as four federal employees and five contractors for threat hunting and incident response. Staff shortages resulted in unmet requests, …

10 Essential Processes for Reducing the Top 11 Cloud Risks

March 6, 2024 at 10:02AM The cloud security landscape continues to evolve, with the Cloud Security Alliance (CSA) highlighting 11 key threats and recommended defenses. Issues like misconfigurations and inadequate change control continue to challenge organizations. Effective strategies include building a robust identity program and investing in threat hunting, emphasizing the need for proactive measures …

Multistage RA World Ransomware Uses Anti-AV Tactics, Exploits GPO

March 4, 2024 at 03:58AM The Trend Micro threat hunting team recently discovered an RA World ransomware attack using multistage components to ensure maximum impact. The group has successfully breached organizations globally, with a focus on healthcare and financial sectors. The attack involves complex stages, including initial access, privilege escalation, lateral movement, persistence, defense evasion, …

From Alert to Action: How to Speed Up Your SOC Investigations

February 27, 2024 at 06:15AM Security Operations Centers (SOC) professionals rely on processing alerts swiftly. Threat intelligence platforms, such as ANY.RUN’s Threat Intelligence Lookup, facilitate SOC investigations by providing access to threat data and enhancing threat analysis. These platforms offer deeper visibility into threats, faster alert investigations, proactive threat hunting, and support informed decision-making. From …

Exploiting the latest max-severity ConnectWise bug is ‘embarrassingly easy’

February 21, 2024 at 12:49PM A critical RCE vulnerability in ConnectWise’s ScreenConnect requires urgent patching due to its severity. The exploit allows an attacker to compromise user accounts and gain admin access, potentially leading to RMM tool attacks. The company has released patches, urging immediate updates due to the high risk of attacks. Limited threat …