Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In this edition of Corelight’s Hunt of the Month blog, we bring you a STRRAT malware detector. In recent months STRRAT has become one of the top malware families submitted to Any.Run’s malware sandbox: STRRAT is a Java-based remote access tool (RAT) that uses a plugin architecture to provide full remote access to an attacker, as well as credential stealing, key logging, and additional plugins.

A single misstep in managing sensitive data can lead to a data breach causing significant financial losses and severe damage to a company’s reputation. These breaches often expose sensitive customer and corporate data, underscoring the need for robust cybersecurity measures. Unfortunately, many organizations have an inadequate approach to data governance.

How protecting your organization from costly social engineering cyberattacks starts with effective prevention.

As you may have seen in the news, a hacker stole 49 million customer records from Dell. The attack wasn’t novel or sophisticated. Instead, the attacker used a business logic flaw and an API to scrape 49 million records from Dell. How did they do it? Here is the attack flow. The attacker registered for an account within the Dell ecosystem to be a reseller/partner. They weren’t going to be. But Dell didn’t perform any checks, and within 48 hours, the attacker had a valid account.

Whereas traditional hacking exploits weaknesses in software or hardware, social engineering exploits weaknesses in the human psyche. By preying on people’s habits, fears, or complacency, attackers can gain access to almost any system, no matter how sensitive or well-protected. The ubiquity of personal mobile devices in the workplace has only exacerbated the threat.

Regardless of whether your environment is on-premises, in the cloud or hybrid, new data makes it clear that users are the top cybersecurity concern, and we cover what you can do about it. According to Netwrix’s 2024 Hybrid Security Trends Report, 79% of organizations experience one or more security incidents in the last 12 months. This is a 16% increase from the previous year, demonstrating that attacks are not subsiding one bit and that they are increasingly successful.

Despite growing security investments in prevention, detection and response to threats, users are still making uninformed mistakes and causing breaches. One of the basic tenets of KnowBe4 is that your users provide the organization with an opportunity to have a material (and hopefully positive) impact on a cyber attack. They are the ones clicking malicious links, opening unknown attachments, providing company credentials on impersonated websites and falling for social engineering scams of all kinds.

Manipulating email headers to mimic the sender’s address and make people think they’re communicating with someone they know. This is a brief definition of email spoofing, an infamous fraudulent technique that can cause harm to recipients and those whose electronic addresses have been compromised. Spoofing may happen to individuals and companies alike.

In today’s modern business environment, nearly every organization partners with at least one third-party vendor or external service provider. Third-party service providers (web-hosting platforms, software-as-a-service companies, and other businesses that provide technology or services as part of a contract) allow organizations to focus on their primary business processes while reducing operational costs.

The simultaneous proliferation of outsourcing and increased interconnectedness of modern businesses has caused the third-party risk management (TPRM) landscape to evolve significantly over the last few years. Establishing a robust TPRM program is no longer just about managing risk across your organization’s third-party ecosystem or gaining an edge over your competitors.