Detecting Malicious Activity in Microsoft 365

Microsoft 365 is a prime target for adversaries, with objectives ranging from credential harvesting to ransomware. However, managing detection rules can be a cumbersome task, especially as security analysts try to keep up with the ever-changing landscape of telemetry options from Microsoft.

Forward Networks Receives Back-to-Back Honors in Security and Cloud Computing

Forward Networks was recently honored as the Top InfoSec Innovator by Cyber Defense Magazine. Commenting on the win, Yan Ross, editor of Cyber Defense Magazine said, “We scoured the globe looking for cybersecurity innovators that could make a huge difference and potentially help turn the tide against the exponential growth in cyber-crime. Forward Networks is worthy of being named a winner in these coveted awards and consideration for deployment in your environment.”

Application Risk Assessments: Why They're Important and How to Perform Them

An application risk assessment is the process of evaluating and understanding the security risks associated with an application. This information is used to help organizations make better decisions about how to protect their applications from potential attacks. By examining factors such as the number of vulnerabilities and the time needed to patch them, they are able to estimate the possibility of an attack on their application.

Introducing Cyber Essentials and Essential Eight: Putting customers first globally

Just a little over a year ago, Vanta went global with the opening of a European headquarters in Dublin as well as an office in Sydney. And over the past several quarters, we’ve accelerated international momentum by scaling investments across the product and business, from opening our EU data centre to rolling out localised product capabilities, in-region technical support, and more.

Critical Confluence Vulnerability - CVE-2023-22518

On October 31st, Atlassian disclosed a significant security vulnerability tracked as CVE-2023-22518, affecting all versions of Confluence Data Center and Confluence Server software. This vulnerability, rated with a critical severity score of 9.1 in the Common Vulnerability Scoring System (CVSS), has the potential to result in substantial data loss if exploited by threat actors. Its critical nature arises from its capacity to inflict severe consequences on an organization’s data integrity.

[Webinar] Increase visibility and federal IT network security with Tanium + ServiceNow

In the U.S. Federal Government, too often the superset of assets that need to be managed across an entire department or agency aren’t well understood. Many of the latest executive orders, binding operational directives, and even the most recent White House Cybersecurity Strategy all point to a foundational piece of reducing your attack surface: having an accurate inventory of your assets.

CMMC 2.0 Preparation: Top Four Strategic Actions to Take Now

The Cybersecurity Maturity Model Certification (CMMC) 2.0 is a compliance requirement that all Department of Defense (DoD) Contractors (aka, the Defense Industrial Base) will soon have to meet. See my blog Why is CMMC a Big Deal? for more information about the legal implications of CMMC. The CMMC official mandate is expected to be released from rulemaking in the first quarter of 2024 and be in full implementation in the first quarter of 2026.

New DarkGate Variant Uses a New Loading Approach

In the past month, the Netskope Threat Labs team observed a considerable increase of SharePoint usage to deliver malware caused by an attack campaign abusing Microsoft Teams and SharePoint to deliver a malware named DarkGate. DarkGate (also known as MehCrypter) is a malware that was first reported by enSilo (now Fortinet) in 2018 and has been used in multiple campaigns in the past months.