Our Managed Threat Detection and Response team responded to an Alarm indicating that suspicious reconnaissance activity was occurring internally from one of our customer's scanners. This activity was shortly followed by escalating activity involving brute force activity, remote code execution attempts, and exfiltration channel probing attempts all exploiting vulnerable DNS services on the domain controllers.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. I’m not going to make any snappy and witty remark over this one as I feel the horror everyone must have felt seeing the photos and aftermath. We never hope to have to enact a DR plan, and after being there many years ago when I had to, believe me it is not fun even when prepared.

In our recent webinar Netacea’s Head of Threat Research, Matthew Gracey-McMinn and Head of eCommerce, Thomas Platt, delved into the top threats set to shape the bot landscape in 2021. 2020 saw an increasing number of bot-based attacks as everything moved online. From online shopping to working from home, the pandemic has changed the way we interact, communicate and consume. As internet activity increased, so did the opportunity to exploit users.

In this article, you will understand what cyber security entails and the breakdown of NCSC’s 10 steps to cyber security that you must know. During our third party security validation exercises or customer communication, we have often come across customers without an answer to ‘what actually their IT and security products are protecting’. It is vital to be aware of what is important, what to protect and how to protect before shopping for security products.

A huge portion of today’s corporate network is made up of mobile endpoints, such as laptops, tablet computers, and mobile phones. These are domain-joined and non-domain devices that require access to corporate assets to carry out everyday operations.

Leaky cloud services are a major concern these days. As more and more organizations move their data and applications to the cloud, ensuring new forms of collaboration and agility for their workforce, setup errors and misconfigurations (or even the lack of understanding of the shared responsibility model) pose a serious risk for the new, enlarged corporate perimeter. So far, in 2021, I have collected 12 major breaches fueled by cloud misconfigurations, and I wonder how many flew under the radar.

A few weeks ago Seattle-based financial services and data management firm Automatic Funds Transfer Services (AFTS) suffered a serious ransomware attack. A gang called “Cuba” hacked and stole approximately 20 months’ worth of AFTS data, including financial documents, correspondence with bank employees, account movements, balance sheets, and tax documents. The compromised data then was offered for sale on the dark web.