Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Everyone is at risk of a data breach or cyber attack, no matter how small or large a company is. Hackers and cybercriminals come up with new ways every day to steal sensitive information or personal data that they can potentially sell or ransom for money. According to a report published by the Identity Theft Resource Center (ITRC), a record number of 1862 data breaches occurred in 2021 in the US.

‍Cybersecurity is a broad term that describes the practice of securing and protecting all computer systems, devices, and programs in an IT environment from cyber attacks or cyber threats. However, within the field of cybersecurity, there are many different specializations that individuals can choose for their career paths.

Cybersecurity awareness, protection, and prevention is all-encompassing. In addition to implementing the right tools and resources, and hiring skilled professionals with the right cybersecurity education and experience, organizations should be aware of the latest CVEs.

On May 27, 2022, a Microsoft Office document was submitted from Belarus to VirusTotal, using a novel method to deliver its payload. This new technique was identified as a Zero-Day RCE (Remote Code Execution) vulnerability in Microsoft Support Diagnostic Tool (MSDT), which is now being tracked as CVE-2022-30190. As of this writing, it affects only Windows computers running with MSDT URI protocol enabled.

“Ransomware has become the enemy of the day; the threat that was first feared on Pennsylvania Avenue and subsequently detested on Wall Street is now the topic of conversation on Main Street.” Frank Dickson, Program Vice President, Cybersecurity Products at IDC.

With more and more organizations moving from traditional on-premises infrastructure to the cloud, it remains critical for organizations to have robust security monitoring, regardless of their cloud platform of choice. Sumo Logic Threat Labs has expanded our log parsing, mapping and detection rules for Microsoft Azure. While our Cloud SIEM has broad coverage for AWS and GCP platforms, we wanted to close the gap for Azure coverage, which previously addressed: Azure - Event Hub Deleted Signal Firing.

It's important to understand how hackers target small businesses and that smaller companies are a favorite object of hackers. Why? Because small businesses often lack the security measures and financial resources in place that larger businesses have.

The attack surface is an organization’s digital exposure that an attacker could exploit to get unauthorized access to a system and extract data or other sensitive information. It could also be used as a point within a chain of attacks. As Organizations increasingly rely on SaaS services and products, the digital attack surface is more than the firewall and network.

Over the past month a new ransomware group, named Black Basta, has emerged and has quickly gained popularity. As 29 victims have already been added to Black Basta’s victim list, the group is drawing the attention of security researchers and hunters in the cybersecurity community worldwide. In the era of post-ContiLeaks ransomware groups are looking to utilize and base their product on the fairly successful Conti code.

For consecutive years, applications have remained the top attack vector for black hats, with supply chain attacks not far behind. At the same time, market research indicates that enterprise security managers and software developers continue to complain that their application security tools are cumbersome. When asked, many developers admit that they don’t run security tests as often as they should, and they push code to production even when they know it has security flaws.