Articles about Security

The age of what might be called the hobbyist hacker is long gone, replaced by a much more serious trend towards organized crime and nation states being behind hacking and cyberattacks.

In an era where data can be weaponized, both businesses and governments need to take the threat seriously. It's important for security teams to understand how attacks are carried out and the motivations that lie behind them.

Continue reading →

The NSA might not be the first organization that you think of turning to for advice about how to secure your computer, but the agency has offered up various tips about how to use PowerShell to do just this.

In conjunction with the Cybersecurity and Infrastructure Security Agency (CISA), the New Zealand National Cyber Security Centre (NZ NCSC) and the United Kingdom National Cyber Security Centre (NCSC-UK), the NSA has published a Cybersecurity Information Sheet. The document is entitled Keeping PowerShell: Security Measures to Use and Embrace, and it advises properly configuring and monitoring PowerShell, rather than removing or disabling it as is often recommended.

Continue reading →

John McAfee was a British-American software engineer who founded one of the most prominent anti-virus companies in the world. The self-titled McAfee Associates, Inc. released its first anti-virus program in 1987, under the simple name 'VirusScan.' Before that, McAfee had previously worked for such notables as NASA, Xerox and Lockheed. 

Of course, he became much more notable in his later life, with two failed runs for the Libertarian Party’s presidential nomination in 2016 and 2020, and began his road to trouble by announcing in 2019 that he believed taxes were illegal and stated that he hadn’t filed a tax return since 2010. 

Continue reading →

More and more organizations are enrolling users in Multi-Factor Authentication (henceforth referred to as MFA) wherein a secondary form of authentication takes place following a user inputting their credentials into a service to ensure a user is who they say they are. It’s an added layer of security and authentication that can help prevent compromise. But this isn’t bulletproof.

Recently a few blog posts and papers have begun to come out detailing a bypass technique known as "MFA bombing", "MFA Fatigue", "Push Notification Spamming", and many other terms, detailing high-profile threat actors such as LAPSUS$ who have abused the technique to gain access to otherwise protected areas. The technique was one we at Lares (and other red teams!) have used with overwhelming success in the past. We know it as Push Fatigue.

Continue reading →

According to new research only three percent of 'critical' code vulnerabilities are attackable, which means developers should be able to better prioritize efforts and significantly reduce their workload.

The study from automated security testing firm ShiftLeft finds that focusing on the three percent allows teams to greatly speed up and simplify efforts. ShiftLeft saw a 37 percent improvement from last year in mean time to remediate new vulnerabilities with a median scan time of 1 minute 30 seconds.

Continue reading →

We all know that you shouldn't share passwords. But we also know that there are occasions when it's useful to do so -- giving temporary access to a Wi-Fi network example or sharing data with contractors.

Keeper Security has come up with an innovative solution that allows users to securely share records with anyone on a time-limited basis.

Continue reading →

According to a new report 84 percent of respondents say their organization has experienced an identity-related breach in the last year, with 78 percent citing a direct business impact as a result.

The report, from the Identity Defined Security Alliance (IDSA), finds that 98 percent of respondents report that the number of identities is increasing, primarily driven by cloud adoption, third-party relationships and machine identities.

Continue reading →

Although ransomware remained the most common threat last year the number of new ransomware families and unique variants discovered in 2021 decreased significantly compared to previous years.

Researchers from WithSecure suggest that this could highlight a potential opportunity to disrupt the cybercrime ecosystem that's exacerbated the problem in recent years.

Continue reading →

According to a new report, 60 percent of enterprises have low confidence in their ability to manage attack surface risk.

The study from technology management firm Oomnitza finds businesses increasingly dealing with a hybrid workplace, hybrid cloud, and digital business growth, which makes the ability to manage cyber risk more challenging.

Continue reading →

The widespread use of open source software within modern application development leads to significant security risks, according to a new report.

The research from developer security firm Snyk and the Linux Foundation finds 41 percent of organizations don't have high confidence in their open source software security.

Continue reading →

New managed detection and response (MDR) offerings launched by Trustwave aim to give organizations real-time 24x7 monitoring of their hybrid multi-cloud environments for active threats and anomalies.

Trustwave MDR and Trustwave MDR Elite are backed by a team of global threat operators, threat hunters, and malware experts. Clients also get a free subscription to Trustwave Security Colony -- a battle-tested resource specifically built for CISOs that includes toolkits, guidelines, playbooks, and assessment capabilities.

Continue reading →

Water is -- said without pathos -- our elixir of life. After the air we breathe, we depend on nothing more to survive. We are made up of about 70 percent water and can survive only a few days without its replenishment. So it's fair to say that few other areas of critical infrastructure are as important to us as the supply of pure drinking water. But in the face of rising global tensions, there is growing concern that water supplies, which are as important as they are vulnerable, could become the target of cyberattacks.

Earlier this year, on January 11, 2022, the Joint Research Center of the European Reference Network for Critical Infrastructure Protection (ERNCIP) published its Water Security Plan in the form of a handbook. This addresses the implementation of security measures to protect the physical and digital integrity of water supply systems. The plan is intended to enable drinking water supply operators to lay the groundwork for implementing specific measures to improve water system security against threats and attacks.

Continue reading →

We've become familiar with the widespread use of ransomware, but researchers at Rapid7 have been examining the rise of a newer phenomenon, 'double extortion'.

Pioneered by the Maze ransomware group, double extortion involves cybercriminals collecting files before encrypting them. Then if the target organization refuses to pay they threaten to release sensitive information.

Continue reading →

Choosing a partner business with a poor security posture makes an organization 360-times more likely to be at risk compared to choosing a top security performer, according to a new study.

The risk surface research from Cyentia Institute and RiskRecon shows that single demographic factors, such as industry, size and region, aren't enough to assess the risk posed by third parties.

Continue reading →

Only 16 percent of respondents to a new survey have a fully mature identity and access management (IAM) strategy in place, yet 56 percent have experienced identity-related incidents in the last three years.

The study carried out by the Ponemon Institute for enterprise identity specialist Saviynt shows that the 84 percent without a mature strategy are currently dealing with inadequate budgets, programs stuck in a planning phase, and a lack of senior-level awareness.

Continue reading →