Emotet has become one of the world’s most advanced botnets. Like many malware campaigns, Emotet’s primary mode of delivery is phishing emails that download malicious Microsoft Office documents. Furthermore, these documents are often hosted in popular cloud apps like Office 365 and Amazon S3 to increase the chances of a successful lure.
A simple DLL file was the catalyst to the most devastating cyberattack against the United States by nation-state hackers. This cinematic breach demonstrates the formidable potency of DLL hijacking and its ability to dismantle entire organizations with a single infected file. DLL hijacking is a method of injecting malicious code into an application by exploiting the way some Windows applications search and load Dynamic Link Libraries (DLL).
The US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning to companies to better protect their cloud-based accounts after several recent successful attacks. According to an advisory published by CISA, an increasing number of attacks have succeeded as more employees have begun to work remotely with a variety of corporate laptops and personal devices during the COVID-19 pandemic.
Managers and compliance auditors often ask IT admins to present a report listing file share permissions granted to a group or a particular user. Here are a few paid and free tools that will help you save time on generating these reports.
With the administration of COVID-19 vaccines beginning around the world, many of us have begun to look to a future where the pandemic does not totally dominate our lives. Naturally, the way we socialize and work will have shifted. Remote work, for instance, has shown to be more productive and preferable for many businesses. In the cybersecurity space, we’re also beginning to realize which threats are opportunistic and temporary – and which ones are here to stay.
For organizations and their employees, 2020 was a uniquely transformative and challenging year. Although this reality is expressed in many ways—including a global pandemic, a deep economic recession, perpetual social unrest and a litany of natural disasters—in the professional environment, it is most acutely observed in the rapid and wide-spread transition to remote work.
The rapid rate of change in attack methods and techniques in today’s cybersecurity landscape has made the keeping of an environment secure increasingly more difficult, causing many to fall into a dangerous state of simply reacting to current threats.
In the aftermath of the notorious SolarWinds breach, occurring in mid-December 2020, a nefarious website was observed on 12 January 2021 and, presumably linked to the threat actors involved in the original supply chain attacks, purports to offer stolen data from four victim companies for sale: Other than the above, no file listings, screenshots or detailed 'proof' have been provided although links to four encrypted archive files, one for each potential victim organization, were uploaded to the popular
The fourth annual Sysdig container security and usage report looks at how global Sysdig customers of all sizes and industries are using and securing container environments. By examining how and when organizations are implementing security in the development lifecycle, we have been able to uncover some interesting data points in this year’s report. For example, we can see that 74% of organizations are scanning container images in the build process.
