Security | Threat Detection | Cyberattacks | DevSecOps | Compliance



Cyber Risk Retainers: Not Another Insurance Policy

The costs associated with a cyberattack can be significant, especially if a company does not have an Incident Response plan that addresses risk. The one-two punch of a cyberattack can be devastating. There is the breach and then the related mitigation costs. Implementing a comprehensive Incident Response (IR) game plan into a worst-case-scenario should not be a post-breach scramble. And when that IR strategy includes insurance, it also must address a business’s level of cyber risk.


What is a DDoS Attack?

A distributed denial-of-service (DDoS) attack is an attempt to disrupt the normal traffic of a targeted server. This is done by overwhelming the server, service or network being targeted with a flood of internet traffic, ultimately slowing the server down or causing it to crash completely. Think of it as being like a traffic jam, which causes all the cars on a road to slow down or come to a stop.


CrowdStrike Falcon Platform Identifies Supply Chain Attack via a Trojanized Comm100 Chat Installer

The market-leading CrowdStrike Falcon® platform, applying a combination of advanced machine learning (ML), artificial intelligence (AI) and deep analytics across the trillions of security events captured in the CrowdStrike Security Cloud, has identified a new supply chain attack pattern during the installation of a chat based customer engagement platform.


Cyber-Attacks - Monitoring, Prediction, and Confrontation

The LogSentinel reactive security operations platform continues to integrate new cyber defense capabilities, source tracking and combat. The system integrates AI, XDR (EDR, NDR, MDR), scouting, surveillance, traceability, protection, response and confrontation capabilities.


How to Detect Pass-the-Ticket Attacks

In our first post of the series, we looked at ways to detect pass-the-hash attacks, which exploit NTLM authentication within an Active Directory domain. Pass-the-ticket is a related attack that which leverages Kerberos authentication to perform lateral movement. In this post, we will dive into how the pass-the-ticket attack works and what you can do to detect it.


Popular Cryptocurrency Exchange dYdX Has Had Its NPM Account Hacked

San Francisco-based dYdX, a widely used decentralized crypto exchange with roughly $1 billion in daily trades, has had its NPM account hacked in a software supply chain attack that was likely aimed at gaining access to the company’s production systems. The company, founded by ex-Coinbase and Uber engineer Antonio Juliano, dYdX has raised a total of $87 million in funding over 4 rounds and is backed by some powerhouse investors, including Paradigm, a16z, and Polychain. Here is what we know.


Uber data breach 2022: How the hacker annoyed his way into the network (and our learnings)

Illustration by jcomp On Sept. 15, Uber Technologies Inc. was breached by an 18-year-old. The hacker purchased an employee’s stolen credentials from the dark web and pushed a flood of multi-factor authentication (MFA) requests and fake IT messages to them in hopes of getting into their account. Irritated by the non-stop pop-ups, the employee caved in and approved the request, unwittingly setting off a cyberattack.


Explaining the csurf vulnerability: CSRF attacks on all versions

On September 11th, 2022, Snyk published a vulnerability report for the popular CSRF token management csurf npm package. The vulnerability impacts all known versions, which are currently yielding more than 400,000 downloads per week. The vulnerability report is based on the public disclosure by security consultant Adrian Tiron and their write-up on the Fortbridge blog.