Schools and colleges were the worst hit by cyberattacks during the global health crisis in 2020. According to a report by GCN, ransomware attacks alone affected over 1,680 schools, colleges, and universities in the US. Such attacks also targeted 44% of educational institutions across the world. Schools worldwide are back to normal sessions and for many learners, that means spending hours online studying, doing homework, and submitting assignments.

Adversaries often exploit legacy protocols like Windows NTLM that unfortunately remain widely deployed despite known vulnerabilities. Previous CrowdStrike blog posts have covered critical vulnerabilities in NTLM that allow remote code execution and other NTLM attacks where attackers could exploit vulnerabilities to bypass MIC (Message Integrity Code) protection, session signing and EPA (Enhanced Protection for Authentication).

Emotet, one of the most pervasive and destructive botnets in use today, first appeared in 2014. Despite its age, Emotet is still going strong and shows no signs of disappearing anytime soon.

As cyber attacks and security breaches have increased in recent years, managing digital supply chain risks is becoming more difficult. Cybercriminals exploit vulnerabilities in the ecosystem of less secure suppliers and third-party vendors to gain access to larger institutions. These institutions need to look beyond their own cybersecurity maturity to be successful; cyber risks need to be identified across the ecosystem.

Each quarter, Tetra Defense, an Arctic Wolf company, collects and analyzes data and insights from its incident response engagements in the United States. These statistics are a vital part of assessing the cyber threat landscape at large and are intended to guide underwriting strategies, loss prevention programs, broker advisement, and client security priorities.

With so many ways to sign in to apps and services, there’s even more to keep track of. That’s why we’re introducing the ability to save and fill new kinds of logins in 1Password.

It has been a long time coming and definitely slower than we would have liked but we’re almost at the point of release for ionCube Encoder 12 which will support PHP 8.1. The estimate we have been working towards for quite a while now has been ‘around the end of June’ and it looks like that estimate isn’t far off with major testing progressing well.

When the average organization experiences 26 cyber attacks per year, being prepared for the aftermath of a breach is just as important as prevention.

A common question we receive is: should security orchestration, automation and response (SOAR) replace security information and event management (SIEM)? While the two technologies share some common components, they serve different purposes. As security teams look to modernize their security operations center (SOC) to meet the demands of cloud environments, automation is the key priority. To that end, it’s vital to understand the roles of both SIEM and SOAR.