
Threat Intelligence

Featured Post

Leveraging Threat Intelligence for Regulatory Compliance

The US Government recently announced that state-sponsored Chinese cyber group Volt Typhoon has compromised multiple critical infrastructure organisations' IT networks in the US and is preparing "disruptive or destructive cyber attacks" against communications, energy, transport, water and waste water systems. The announcement, which was supported by national cybersecurity agencies in Australia, Canada, UK, and New Zealand, is a sobering reminder that modern life relies on digital networks. From healthcare, banking, and socialising, to energy, water, local and national government - everything has a digital aspect.

Far Beyond the Firewall - Experiencing Alert Fatigue From Your Overwhelmed Firewall?

The cyberthreat landscape is ever-evolving and the level of sophistication from cybercriminals is always increasing. Networks are not impenetrable. Alarmingly, 79 minutes is now the average time from when an attacker compromises a network to when they start to move laterally, infiltrating the rest of the network.

Are Firewalls Alone Equipped to Mitigate Against the Increasingly Sophisticated Cyberthreats?

The sheer volume of data breaches continues to escalate at a phenomenal rate. Cyberattacks on all businesses, but particularly small to medium-sized businesses, are becoming more frequent, targeted, and complex. According to Accenture’s Cost of Cybercrime Study, 43% of cyberattacks are aimed at small businesses, but only 14% of those businesses are prepared to defend themselves.

Unlocking Efficiency: Building Automation in ThreatQ Threat Intelligence Platform

Staying ahead of evolving threats is crucial for organizations in all industries. Threat intelligence platforms (TIPs) play a pivotal role in this endeavor, providing a centralized hub for collecting, analyzing, and disseminating threat intelligence. Introducing the ThreatQ Platform, purpose-built for threat detection and response. To further enhance its capabilities, organizations can leverage automation, streamlining processes and fortifying their cybersecurity posture.

Fortinet Vulnerability: CVE-2024-21762

On Thursday, February 8th, the Fortinet Product Security Incident Response Team released an advisory (FG-IR-24-015) disclosing an out-of-bounds write vulnerability in their SSL VPN, tracked as CVE-2024-21762. The vulnerability “may allow a remote unauthenticated attacker to execute arbitrary code or command via specially crafted HTTP requests”.

Security Bulletin: AnyDesk Production Systems Breach

On February 2nd, 2024, AnyDesk disclosed that their production systems had been compromised and that private code signing keys and source code were stolen, while an unknown number of user accounts had their passwords reset. This is a significant concern, as it would allow an attacker to generate malicious versions of AnyDesk software, containing compromised code, that appear to be legitimate. It is assessed that approximately 18,000 credentials are available for sale on the Dark Web as a result.