Our latest analysis of the National Vulnerability Database (NVD) has revealed that 2021 has now officially broken the record for common vulnerabilities and exposures (CVEs) logged by researchers. NIST is the US National Institute of Standards and Technology, and its National Vulnerability Database (NVD) is a repository of Common Vulnerabilities and Exposures (CVEs).

We were recognised for both our Incident Response and Managed Detection & Response services.

Previously described as “the world’s most dangerous malware” before being shut down by law enforcement and judicial authorities in January 2021, the Emotet botnet has now returned. In this blog post, we outline its current attack methods and the key questions organisations should ask to protect themselves.

Any organisation that sends electronic marketing communications via phone, fax, email or text, uses web cookies, or provides communications services to the public falls under the PECR’s scope, and must be aware of its information security requirements.

Defending against loader-type malware is crucial to avoid a potential ransomware incident, given the fact that is the foothold of the attack kill-chain related to ransomware tactics, techniques and procedures (TTPs). Two of the most recent malware loaders to emerge are SquirrelWaffle and MirrorBlast. While SquirrelWaffle delivers Cobalt Strike payloads to victims, MirrorBlast uses novel techniques to gather intelligence and drop malicious payloads onto devices.

While organisations frequently focus their security strategy on external risks, the trend of company employees being targeted by threat actors to help provide access is on the rise. In this blog post, we explore the growing issue, outline some recent examples and provide some key steps to take in response.

But, as we explored in the first of this two-part series, there are limitations to using the out-of-the-box rules which form part of the technology. In this blog post, we explore how to customise rules, the rule development process and the role of Sigma.

Yet the rise in remote working means that it’s likely to remain a significant challenge for the long-term. In this blog post, we explain what shadow IT is, the associated risks and the steps organisations should take to mitigate them.

However, SIEM requires the effective application of use cases or threat detection rules to achieve its full potential. In the first of this two-part series, we outline the importance of SIEM use cases (or rules) and the limitations of relying upon those provided out of the box with SIEM platforms.

In this blog post, we outline how the campaign works and the steps organisations can take to reduce the potential risks created by this and other email-based attacks.