Security | Threat Detection | Cyberattacks | DevSecOps | Compliance



Overheard at the SANS Security Awareness Summit 2022

People have become the primary attack vector for cyber attackers around the world. As the Verizon Data Breach Investigations Report 2022 indicates, it is humans rather than technology that now represent the greatest risk to organizations. According to the SANS 2022 Security Awareness Report, the top three security risks that security professionals are concerned about are phishing, business email compromise (BEC) and ransomware, all closely related to human behavior.


Government Agencies vs. Ransomware: A National Emergency

The State of Ransomware in Government 2021 report finds that government agencies are facing a ransomware “national emergency.” Local governments in particular face higher rates of encryption during cyber attacks due to constrained budgets and organizational pressure to divert funds away from cybersecurity, leaving gaps in their data protection.


Protecting Critical Infrastructure from Cyber Attacks

Ransomware and other malicious threats have become commonplace around the globe. But the reality is, whether it be encrypted records, stolen email credentials, or exfiltrated financial statements, these incidents generally involve a limited number of individuals or groups. Before your feathers are completely ruffled, understand that by no means am I minimizing the impact cybercriminals can have on a business. But have you considered attacks of greater scale? Perhaps those that affect the populus?


Threat news: TeamTNT targeting misconfigured kubelet

TeamTNT is a prevalent threat actor who has been targeting cloud and virtual environments such as Kubernetes and Docker since at least late 2019. This threat actor is financially motivated, focusing their efforts on stealing credentials and cryptomining. In 2020, we analyzed their use of Weave Scope on an unsecured Docker API endpoint exposed to the internet. In December 2021, we attributed an attack to TeamTNT in which they targeted a vulnerable WordPress pod to steal AWS credentials.

Recovering from Ransomware with Rubrik

When ransomware strikes, it’s important to know your recovery options. Whether you need to blanket recover everything in one fell swoop, or you prefer a more surgical approach, Rubrik has your back. This video details how you can use Rubrik Security Cloud to recover from ransomware attacks and other scenarios quickly, and with confidence that you’re not accidentally restoring malware.
Sponsored Post

Ransomware 2022: Facts and Statistics

In 2021, Ransomware Attacks cost businesses an estimated $11.5 billion. But that's just the beginning of the story. What about all the other consequences of ransomware attacks? How do they affect businesses? In this blog post, we'll take a look at some of the most important ransomware facts and statistics for 2021. We'll also discuss what businesses can do to protect themselves from these devastating attacks.


Credential theft food chain-What is Ransomware-as-a-Service

Anyone who has watched the Lockpicking Lawyer realizes that certain locks promoted as the latest-and-greatest aren’t necessarily the most reliable devices for securing physical assets. Like many other security professionals, he seeks to educate consumers and manufacturers on defects in devices and how to improve their security. It reminds me of a quote by Deviant Ollam (security auditor and penetration testing consultant): "Security is achieved through openness.