Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

February 2024

Unveiling Phemedrone Stealer: Threat Analysis and Detections

Recently, the cybersecurity world has been abuzz with discussions about Phemedrone, a newly emerged stealer exploiting the CVE-2023-36025 vulnerability in Microsoft Windows Defender SmartScreen. The project was most recently available on GitHub; however, the project was taken down, and the associated account was removed. Active development still occurs via Telegram.

Add to Chrome? - Part 3: Findings and Recommendations

In the first two installments of this blog series, we explored some high-level concepts related to browser extensions and their security implications and then how we went about analyzing them. In this third blog we explore some of our findings and general recommendations on whether or not you should click “Add to Chrome” the next time you find a fancy new extension!

Add to Chrome? - Part 2: How We Did Our Research

Analyzing the content and security implications of browser extensions is a complex task! It's almost like trying to piece together a complex jigsaw puzzle (thanks JavaScript). Automation is a key way to reduce this complexity without adding to the workload of security staff. With so many extensions to inspect (we analyzed more than 140,000 of them), automating small portions of that analysis provided a big impact.

Hunting M365 Invaders: Navigating the Shadows of Midnight Blizzard

On January 19, Microsoft issued an advisory disclosing a cybersecurity incident targeting their M365 tenants and attributing the attack to Midnight Blizzard, a state-sponsored actor also known as Nobelium and APT29. Following this, on January 24, the Microsoft team expanded on the initial announcement with a comprehensive blog post providing more insights about the attack and outlining specific tactics, techniques and procedures leveraged by the threat actor.

Building Resilient Organizations around IT and Cybersecurity

In this program, we hear from industry leaders focused on how to transform their teams and organizations while facing these challenges and how they address the gap in technically skilled employees while trying to foster this transformation. Speakers: Ed Hubbard, Director, Site Reliability and Monitoring - Travelport Mitch Ashley, CTO, Techstrong Group Principal - Techstrong Research James Brodsky, Group Vice President, Global Security Strategists - Splunk.

Supercharge Cybersecurity Investigations with Splunk and Graphistry: A Powerful Combination for Interactive Graph Exploration

As a data scientist and Splunk user, you know the importance of leveraging the right tools to gain valuable insights from your cybersecurity data. In this blog post, we'll dive deeper into how combining Splunk and Graphistry can help you unlock new capabilities for your cybersecurity investigations and gain better resilience for your organization.

Short Staffed? Try Using SOAR to Augment Your Security Team

The tech world is grappling with an imbalance between skilled technical talent availability and demand, with far-reaching impacts. Combined with tightened budgets, staff shortages can leave your organization vulnerable to hacking and cyberattacks. Let’s look at just two of the industries being affected: higher education and state and local governments.

ISO 27002: Information Security Controls Explained

In the race to execute digital transformation strategies, the rear-view mirror never fails to shake off the looming cyber threats that are a significant stumbling block to any organizational objectives. Today, nearly 48% of organizations are experiencing more cyberattacks than the previous year.

CVSS: The Common Vulnerability Scoring System

Cybersecurity measures have become important in the ever-evolving landscape of digital threats. With organizations increasingly relying on digital technologies to drive their operations, the risk of cyberattacks becomes more likely, with potential consequences ranging from financial losses to reputational damages.

Add to Chrome? - Part 1: An Analysis of Chrome Browser Extension Security

Welcome to the wonderful world of browser extensions! These tools promise efficiency, entertainment, and customization at your fingertips. But could those promises come with any hidden danger? In this blog series, we provide an overview of SURGe research that analyzed the entire corpus of public browser extensions available on the Google Chrome Web Store. Our goal? To unravel whether these extensions facilitate a better browsing experience or represent potential threats lurking in plain sight.

AI Predictions Are Fueling Greater Cyber Up-Skilling Needs

It’s a Sunday morning and things are pretty quiet around the Fusilero household, which is especially noticeable now that the chaos of the holiday season has passed and the kids are back at school. So, I’m catching up on my reading and research – starting with Splunk Predictions 2024.

Another Year of RATs and Trojan Stealer: Detection Commonalities and Summary

In 2023, Remote Access Trojans (RATs) and Trojan Stealers were some of the most prevalent types of malware in the cybersecurity landscape. RATs and Trojan Stealer malware represent significant cybersecurity threats, as they’re often employed to conduct espionage, surveillance, and data theft, which emphasizes the critical need for robust defenses.