You are here

Home » Cybersecurity

Cybersecurity

Ransomware Resilience – Identifying Precursor Activity to Stave Off a Ransomware Attack

To stay ahead of ransomware, organizations benefit by detecting other malicious activities that often precede the final deployment of a ransomware attack. More often than not, adversaries spend weeks to months on victims’ networks before the actual ransomware encryption code is executed. Therefore, when organizations prioritize proactive detection of malicious behaviors, the chance of succumbing to a ransomware attack will likely decrease.

Threat Awareness – URL Spoofing of Company Domains through Well-Known Cloud Platforms

Email phishing lures are not the only way threat actors attempt to trick individuals into revealing their private information. URL spoofing is another common method adversaries exploit to steal information and conduct other malicious activity. Specifically, researchers have uncovered several URL spoofing bugs in popular Software-as-a-Service (Saas) platforms Box, Zoom, and Google Docs.

Threat Awareness – New IceApple Toolset Being Deployed on Microsoft Exchange Servers

Security researchers have discovered a new sophisticated post-exploitation framework being primarily deployed on Exchange servers, dubbed IceApple. The toolset was discovered by CrowdStrike after an alert triggered on a new customer’s Microsoft OWA deployment. Researchers believe the developers behind IceApple prioritize keeping a low profile in network environments to achieve long-term objectives in targeted attacks.

Joint Cybersecurity Advisory - Protecting Against Cyber Threats to Managed Service Providers and their Customers

The cybersecurity authorities of the U.S., Australia, Canada, New Zealand, and the United Kingdom have released joint Cybersecurity Advisory (CSA) AA22-131A, warning of an increase in malicious cyber activity targeting managed service providers (MSPs) and this trend is expected to persist. The advisory offers specific steps MSPs and their customers can implement to reduce their risk of falling victim to a cyber intrusion.

NIST Updates Cybersecurity Guidance for Supply Chain Risk Management

The National Institute of Standards and Technology (NIST) has released an updated guidance document for helping organizations identify, assess and respond to cybersecurity risks throughout the supply chain. The updated guide, titled Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations, offers specific methods for companies to adopt as they improve their ability to manage cybersecurity risks within and across their supply chains.

Security Awareness – Infrastructure Entities Targeted by HTML Phishing Campaign

Security researchers have uncovered a phishing campaign targeting energy and other infrastructure companies by exploiting HTML attachments that contain credential stealing forms. In this specific campaign, the threat actor portrays the phishing email as a being from an internal source by leveraging the “Shared-Files via” feature of Microsoft 365 and masquerades as a transcript being sent to the victim. However, the email address, with a Japanese domain, is clearly visible. After downloading the HTML file, users are prompted to enter their Microsoft email password to access a fake invoice.

Pages

Subscribe to Cybersecurity