The network management solution (NMS) market contains many products that claim to offer the best experience and network security. As a result, choosing a solution that meets your needs can be challenging. One of the biggest challenges has to do with trusting these solutions. Are they safe? Are they reliable? Remember that you need to keep your network […]
What are Advanced Persistent Threats (APT)
Cybercriminals often use an advanced persistent threat (APT) to sustain surveillance or attacks against targets. One of the most valuable assets in a business is its data. Cybercriminals use APTs to steal your information, including trade secrets and patents. Also, bad actors can use APTs to gain employee and client information for extortion or to […]
Essential Email Security Policies
Although the average person may not encounter a substantial amount of emails, businesses and people within these businesses use email every day. Unfortunately, cybercriminals often use this common messaging tool as an attack vector. In this year’s Cost of a Data Breach Report, phishing is the costliest initial attack vector, with an average of USD4.91 million. The […]
Why You Need Email Spam Filter
Unwanted communication, or email spam, is a common challenge for many businesses today. Cyberattackers often send mass emails to millions of email addresses they scraped from the internet. These emails usually have a sense of urgency, lucrative offers, or even mimic other genuine sites. However, the main motivation behind these emails is far more sinister. […]
Linux Tech Tips
Ubuntu Tips: How to Install Ubuntu 22.04 Desktop [Step by Step Picture Guide] (Ubuntu Handbook); How to Upgrade to Ubuntu 20.04 LTS Using ‘do-release-upgrade’ Command (Allthings.how); How to enable SSH 2FA on Ubuntu Server 22.04 (TechRepublic); Install Grub Customizer to Configure the Boot Menu in Ubuntu 22.04 (Ubuntu Handbook); 31 Linux Commands Every Ubuntu User […]
Aurora: a Trending Infostealer Malware
Since September 2022, Aurora malware has been advertised as an infostealer, and several traffers teams announced they added it to their malware toolset. Furthermore, SEKOIA.IO observed an increase in the number of Aurora samples distributed in the wild, as well as C2 servers. First advertised on Russian-speaking underground forums in April 2022, Aurora is a multi-purpose […]
Vulnerable SDK components lead to supply chain risks
Vulnerable SDK components lead to supply chain risks in IoT and OT environments. Vulnerabilities in network components, architecture files, and developer tools have become increasingly popular attack vectors to gain access into secure networks and devices. External tools and products that are managed by vendors and developers can pose a security risk, especially to targets […]
Social Engineering Attack Costs Billions
Eli Lilly lost USD15 billion in market cap to a social engineering attack. The attack happened only days after Twitter announced a USD8 fee for the blue check mark verification last Wednesday. Following the social engineering attack, Twitter suspended the option. Since Twitter first applied the option, parody accounts of known companies and individuals got […]
Malware Delivered via Contact Forms
The DFIR Report expands on an intrusion from May 2022, where threat actors used BumbleBee as the initial access vector from a Contact Forms campaign. The intrusion began with the delivery of an ISO file that contained an LNK and a DLL. The threat actors leveraged BumbleBee to load a Meterpreter agent and Cobalt Strike […]
Spear-phishing for Malware Delivery
Since it first started being active in 2020, Earth Longzhi’s long-running campaign can be divided into two based on the range of time and toolset. During its first campaign deployed from 2020 to 2021, Earth Longzhi targeted the government, infrastructure, and health industries in Taiwan and the banking sector in China. In its second campaign […]
Evasive Techniques used by injected Websites
Analysis of a new technique to inject websites with SocGholish malware found using zip compression, obfuscation, strrev functions, and other evasive techniques to avoid detection. Once installed, fake browser updates infect the victim’s computer with various types of malware including remote access trojans (RATs). SocGholish malware is often the first step in severe targeted ransomware […]
Hive Ransomware
The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Health and Human Services (HHS) are releasing this joint CSA to disseminate known Hive IOCs and TTPs identified through FBI investigations as recently as November 2022. As of November 2022, Hive ransomware actors have victimized over 1,300 companies […]
5 Things to Consider When Assessing Your VM Density
Businesses try to get the most out of any capital expenditure to improve their bottom line. When it comes to virtualization, this means trying to get the highest possible return on their virtualization hardware investment. You can do this by increasing the number of virtual machines (VMs) hosted. The greater the number of VMs, the […]
Removing Uninstalled Software Data from Windows
It’s common for Windows users to uninstall applications from their computers. It’s pointless to keep applications on your disk if you no longer use them. Unfortunately, when you uninstall an application, some of its data may remain on the hard disk. To make matters worse, these application remnants sometimes contain sensitive data. In this article, […]
Microsoft 365 Tips and Tricks
Understanding Microsoft 365 security for your environment; Why MFA Is More Important than Ever for Microsoft 365; How To Adjust The Multi-Factor Authentification (MFA) For Microsoft 365; How to Build Workflows Using Power Automate and AI in Microsoft 365; Microsoft 365 Login: Troubleshooting User Sign-In Problems; How to Prevent Microsoft 365 From Purging Old Messages […]
Windows Tech News
Windows 11 22H2 no longer supports Software Restriction Policies (SRP) (Günter Born); Microsoft WinGet package manager failing due to CDN issues (Bleeping Computer); Turns out shutting off Windows 11 security features helps Intel graphics cards performance, too (OnMSFT). Windows Server news: Microsoft: Server Manager disk resets can lead to data loss (Bleeping Computer)
Compromised QNAP devices used for Command and Control
As reported earlier by Red Canary, compromised QNAP devices were used for command and control (C2) infrastructure for Raspberry Robin activity. HTTP requests that contain the victim’s user and device names are sent to the QNAP device, which also hosts a malicious DLL that is downloaded and installed on the victim system. Image from Microsoft Security […]
Cloud 9 Chrome Botnet
The Zimperium zLabs team recently discovered a malicious browser extension, originally called Cloud9, which not only steals the information available during the browser session but can also install malware on a user’s device and subsequently assume control of the entire device. The extension, Cloud9, was never found on any official browser extension store; instead relying […]
Why Cybercriminals Like IPFS
The InterPlanetary File System (IPFS) is a Web3 technology designed to enable decentralized storage of resources on the internet. When content is stored on the IPFS network, it is mirrored across many systems that participate in the network, so that when one of these systems is unavailable, other systems can service requests for this content. […]
Should You Filter Websites at the Workplace
Remote working and web-based services are contributing to the success of many businesses. Yet, dependence on an internet connection makes companies vulnerable to web-based threats. For example, malicious software enters corporate networks when employees browse the internet. Also, clicking and downloading files from anywhere online increases malware risks by 32%. But you can still ban certain […]