Cyberattacks

Focus Terrapin patching efforts with Zeek

In this blog, we will demonstrate how Zeek’s metadata approach can help focus patching efforts related to the recent SSH “Terrapin” attack. One of the interesting aspects to bear in mind as you read this is that Zeek provides visibility of the vulnerable elements of this encrypted protocol, and thus serves as a reminder that network monitoring is still very much relevant, even in a heavily encrypted world.
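As an added illustration of the "focus patching" idea (this is example code written for this page, not Zeek's or the original post's), the script below reads a constructed excerpt of a Zeek ssh.log, flags sessions that negotiated a Terrapin-relevant cipher/MAC combination (ChaCha20-Poly1305, or any CBC cipher with an Encrypt-then-MAC MAC), and counts them per server so the hosts to patch first stand out. The column names follow Zeek's default ssh.log layout; the addresses, banners and timestamps are made up.

```python
"""
Rank SSH servers by how many observed sessions negotiated a cipher/MAC
pair affected by Terrapin (CVE-2023-48795), using Zeek ssh.log metadata.

Constructed example: the log excerpt below is hand-written for this page.
Only a subset of the default ssh.log columns is included.
"""
from collections import Counter

# Constructed ssh.log excerpt (tab-separated, Zeek-style '#fields' header).
SSH_LOG = """\
#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tclient\tserver\tcipher_alg\tmac_alg\tkex_alg
1705000001.1\tCa1\t10.0.0.5\t50001\t10.0.1.20\t22\tSSH-2.0-OpenSSH_8.9p1\tSSH-2.0-OpenSSH_8.9p1\tchacha20-poly1305@openssh.com\tumac-64-etm@openssh.com\tcurve25519-sha256
1705000002.2\tCa2\t10.0.0.6\t50002\t10.0.1.20\t22\tSSH-2.0-OpenSSH_9.6\tSSH-2.0-OpenSSH_8.9p1\taes256-gcm@openssh.com\t-\tcurve25519-sha256
1705000003.3\tCa3\t10.0.0.7\t50003\t10.0.1.30\t22\tSSH-2.0-PuTTY_Release_0.79\tSSH-2.0-OpenSSH_9.6\taes128-cbc\thmac-sha2-256-etm@openssh.com\tdiffie-hellman-group14-sha256
1705000004.4\tCa4\t10.0.0.8\t50004\t10.0.1.30\t22\tSSH-2.0-OpenSSH_9.6\tSSH-2.0-OpenSSH_9.6\taes128-ctr\thmac-sha2-256\tcurve25519-sha256
1705000005.5\tCa5\t10.0.0.5\t50005\t10.0.1.20\t22\tSSH-2.0-OpenSSH_8.9p1\tSSH-2.0-OpenSSH_8.9p1\tchacha20-poly1305@openssh.com\tumac-64-etm@openssh.com\tcurve25519-sha256
"""


def parse_ssh_log(text: str) -> list[dict]:
    """Turn a Zeek-style TSV log into a list of row dicts keyed by '#fields'."""
    fields, rows = None, []
    for line in text.splitlines():
        if line.startswith("#fields"):
            fields = line.split("\t")[1:]
        elif line and not line.startswith("#"):
            rows.append(dict(zip(fields, line.split("\t"))))
    return rows


def is_terrapin_exposed(cipher: str, mac: str) -> bool:
    """Negotiated-algorithm test for the two affected combinations.
    ChaCha20-Poly1305 is affected regardless of MAC (it is AEAD, so
    mac_alg is unset); CBC modes are affected only with an EtM MAC."""
    if cipher == "chacha20-poly1305@openssh.com":
        return True
    return cipher.endswith("-cbc") and mac.endswith("-etm@openssh.com")


def exposed_servers(text: str) -> dict[str, int]:
    """Count exposed sessions per server (id.resp_h) so patching can be prioritised."""
    counts = Counter()
    for row in parse_ssh_log(text):
        if is_terrapin_exposed(row["cipher_alg"], row["mac_alg"]):
            counts[row["id.resp_h"]] += 1
    return dict(counts)


if __name__ == "__main__":
    for server, n in sorted(exposed_servers(SSH_LOG).items(), key=lambda kv: -kv[1]):
        print(f"{server}\t{n} session(s) with a Terrapin-affected cipher/MAC")
```

One caveat worth keeping in mind: the negotiated cipher and MAC are necessary but not sufficient for exposure. Peers that both support the "strict kex" countermeasure are protected even when they still negotiate ChaCha20-Poly1305, and that marker is a pseudo-algorithm in the KEX name lists rather than the negotiated kex_alg, so it does not appear in the columns used here. Treat the count as a worklist of servers to check, not as a confirmed-vulnerable list.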

Advanced DNS Protection: mitigating sophisticated DNS DDoS attacks

We're proud to introduce the Advanced DNS Protection system, a robust defense mechanism designed to protect against the most sophisticated DNS-based DDoS attacks. This system is engineered to provide top-tier security, ensuring your digital infrastructure remains resilient in the face of evolving threats. Our existing systems have been successfully detecting and mitigating ‘simpler’ DDoS attacks against DNS, but they’ve struggled with the more complex ones.

Understanding the RSA-based Marvin Attack

The Marvin Attack poses a significant threat to systems that perform RSA decryption or signing with PKCS #1 v1.5 padding. It is a variation of the Bleichenbacher attack, which uses a server's padding-error responses as an oracle for an adaptive chosen-ciphertext attack. Marvin replaces the explicit error oracle with timing: it leverages small, data-dependent differences in how long the RSA private-key operation and the subsequent padding check take.
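To make the "timing oracle" concrete, here is an added example (written for this page; not the original post's code and not any library's implementation) that unpads a PKCS #1 v1.5 type-2 encoded message two ways: an early-exit checker that stops at the first malformed byte, and a branch-free checker that always inspects every byte and returns a caller-supplied fallback instead of an error. Rather than measuring wall-clock time, each function returns how many bytes it examined before deciding; that count is the quantity a Marvin-style attacker observes through timing. The 32-byte message size, the sample messages and the fallback value are constructed for illustration.

```python
"""
PKCS#1 v1.5 (type 2) unpadding, leaky vs. constant-time.

Constructed example: K is a toy encoded-message length (a real RSA-2048
encoded message is 256 bytes).  Python cannot guarantee constant time;
the point is the *shape* of the check, which a C implementation mirrors.
"""

K = 32  # encoded-message length in bytes (toy size)


def leaky_unpad(em: bytes):
    """Early-exit parser.  Returns (message or None, bytes_inspected).
    Different failures return after inspecting different numbers of bytes,
    so the caller's response time reveals *where* the padding broke."""
    if len(em) != K:
        return None, 0
    inspected = 1
    if em[0] != 0x00:
        return None, inspected
    inspected += 1
    if em[1] != 0x02:
        return None, inspected
    i = 2
    while i < K:                      # scan for the 0x00 separator
        inspected += 1
        if em[i] == 0x00:
            break
        i += 1
    if i == K or i < 10:              # no separator, or fewer than 8 padding bytes
        return None, inspected
    return em[i + 1:], inspected


def _ct_is_zero(b: int) -> int:
    """1 if byte b == 0, else 0, computed without a data-dependent branch."""
    return ((b - 1) >> 8) & 1


def ct_unpad(em: bytes, msg_len: int, fallback: bytes):
    """Branch-free parser for a message of known length (as in TLS-RSA, where
    the premaster secret is always 48 bytes).  Every check is folded into one
    flag, every padding byte is read, and on failure `fallback` is returned in
    place of an error so the caller behaves identically either way.
    Returns (message, bytes_inspected); bytes_inspected is always K."""
    assert len(em) == K and len(fallback) == msg_len   # lengths are public
    sep = K - msg_len - 1                              # required position of the 0x00 separator
    bad = _ct_is_zero(em[0] ^ 0x00) ^ 1                # em[0] != 0x00
    bad |= _ct_is_zero(em[1] ^ 0x02) ^ 1               # em[1] != 0x02
    bad |= int(sep < 10)                               # padding string shorter than 8 bytes
    for i in range(2, sep):                            # every padding byte must be non-zero
        bad |= _ct_is_zero(em[i])
    bad |= _ct_is_zero(em[sep]) ^ 1                    # separator must be 0x00
    mask = -bad & 0xFF                                 # 0xFF on failure, 0x00 on success
    out = bytes((fallback[j] & mask) | (em[sep + 1 + j] & (mask ^ 0xFF))
                for j in range(msg_len))
    return out, K


# Constructed inputs: a valid encoding and three malformed variants.
MSG = b"secret!!"                                      # 8-byte "plaintext"
FALLBACK = b"\xAA" * len(MSG)                          # would be random in real code
VALID = b"\x00\x02" + bytes(range(1, 22)) + b"\x00" + MSG   # 2 + 21 + 1 + 8 = 32
BAD_FIRST = b"\x01" + VALID[1:]                        # wrong leading byte
EARLY_SEP = VALID[:5] + b"\x00" + VALID[6:]            # separator inside the 8-byte minimum
NO_SEP = VALID[:23] + b"\x07" + VALID[24:]             # separator overwritten


if __name__ == "__main__":
    for name, em in [("valid", VALID), ("bad_first", BAD_FIRST),
                     ("early_sep", EARLY_SEP), ("no_sep", NO_SEP)]:
        _, leaky_n = leaky_unpad(em)
        _, ct_n = ct_unpad(em, len(MSG), FALLBACK)
        print(f"{name:10s} leaky inspected {leaky_n:2d} bytes, constant-time inspected {ct_n}")
```

Run it and the leaky checker reports 24, 1, 6 and 32 inspected bytes for the four inputs while the constant-time checker reports 32 for all of them: the first column is the side channel, the second is its absence. Removing the early exits is only part of the fix; the RSA private-key operation itself must also be constant-time (blinding, fixed-width arithmetic), which is the part Marvin found lacking in many libraries.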

New Research: Spike In DNS Queries Driving Phishing and Cyber Attacks

New analysis of DNS queries shows material growth in phishing, malware and botnets and offers insight into how many threats the average person encounters. Most of the reports I cover base their analysis on detections from an endpoint, a security product, or the corporate network, but the 2024 Annual Security Report from DNSFilter feels a bit more impartial because it uses DNS queries to determine whether malicious activity is occurring.

Unraveling the True Cost of Ransomware Attacks and Essential Strategies for Mitigation

Few incidents can demoralize or debilitate an organization the way a ransomware attack does. Beyond the blow to morale, ransomware causes large financial losses and reputational damage that can be difficult to repair. Cybersecurity Ventures predicted that global ransomware damage costs would reach $20 billion annually in 2021, up from $325 million in 2015, and forecasts that within eight years the figure will exceed $265 billion.

Disruption of Transportation Services and Infrastructure: NoName Hacking Group Strikes in Support of Polish Farmers

In a move framed as a protest against the Polish authorities' pro-Ukrainian stance, the NoName hacking group launched a series of cyber attacks on critical infrastructure in Poland. The group's stated motive was to disrupt transportation services and infrastructure in solidarity with protesting Polish farmers. Who is the NoName hacking group, and what drives it?

10 Tips for Mitigating Brand Impersonation Attack Risk

Brand impersonation attacks are a type of phishing attack where a scammer pretends to be a trusted company or brand. The goal is to trick victims into believing they're interacting with the company so they'll be more willing to share their personal information. Brand impersonation attacks can target both individuals and large groups of people. Scammers may use phony websites, mobile apps, or social media pages, as well as bogus emails, voicemails, or text messages.

The Role of Security Configuration Management (SCM) in Preventing Cyberattacks

The steady growth of cyber threats demands constant reassessment of defensive strategies, and one of the less glamorous but indispensable pieces is Security Configuration Management (SCM). This blog looks at the role SCM plays in preventing cyberattacks, specifically its ability to detect and correct the system misconfigurations that attackers routinely exploit.

What Are Command and Control Attacks?

In today's threat landscape, a successful intrusion involves more than gaining unauthorized access or installing malware. To reach their objectives, attackers need to maintain an undetected presence on the compromised system or network so they can issue instructions and extract data on demand. Command and Control attacks, also known as C&C or C2, establish a covert channel between the compromised system and an attacker-operated C2 server for exactly that purpose.