On May 31, 2023, Kroll received multiple reports that a zero-day vulnerability in MOVEit Transfer was being actively exploited to gain access to MOVEit servers. Kroll has observed threat actors using this vulnerability to upload a web shell, exfiltrate data and initiate intrusion lifecycles. This vulnerability may also enable a threat actor to move laterally to other areas of the network.
Elliptic Curve Cryptography (ECC) is a form of public-key cryptography that is based on the mathematics of elliptic curves. It provides a secure way to perform cryptographic operations such as key exchange, digital signatures and encryption. ECC is an alternative to Rivest-Shamir-Adleman (RSA) encryption, which was first released in 1977. Continue reading to learn more about elliptic curve cryptography and why it’s considered the most secure form of encryption.
The increasing adoption of software bill of materials (SBOM) standards are starting to drive better interoperability between security tools. The NTIA’s work on defining a minimum set of elements for an SBOM was a key part of that, especially with multiple formats like CycloneDX and SPDX in widespread use. But with work on SPDX 3.0 and CycloneDX 1.5 progressing, there are lots of things we can do with the SBOM formats beyond the minimum elements.
Improved BlackCat ransomware variant strikes with lightning speed in stealthier attacks, Microsoft finds a macOS bug that lets hackers bypass SIP root restrictions, and Dark Pink hackers continue to target government and military organizations.
Former Texas Congressman William "Mac" Thornberry and Trustwave Government Solutions President Bill Rucker recently sat down to discuss several pressing issues impacting the federal government’s cybersecurity preparedness, the impact the Russia-Ukraine War has had on cyber, and what remains to be done to shore up the nation's cyber defenses. This is the second half of their conversation.
We just released parlay, a new open source tool that can enrich SBOMs with additional information. You can read more in the announcement blog post. In that post, we briefly mentioned why this is important for decision-making based on SBOM data, but thought a few quick examples might be interesting. parlay can add a lot of extra information to an SBOM, and we can use that information to write more powerful policies.
LimaCharlie gives you the ability to collate and correlate data of any type, enriching it with threat intelligence and allowing for real-time, actionable decisions. Today, we are excited to discuss our new integration with alphaMountain.
Small businesses are more vulnerable to cyber-attacks since hackers view them as easy victims to target. While this may seem unlikely, statistics reveal that more than half of these businesses experienced some form of cyber-attack in 2022. It's also reported that state-sponsored threat actors are diversifying their tactics and shifting their focus toward smaller enterprises.
