I get a great deal of satisfaction working with enterprises and professionals helping them to develop the skill sets to meet difficult challenges and overcome them. This is especially true when looking at and defeating nation-state and criminal attackers. We have seen some very disastrous Nation-State APT (advanced persistent threats), ransomware and supply chain attacks recently. As sophisticated and frightening as these attacks are, they are, however something we can protect ourselves from..
*This blog has been updated as of February 21,2021 with relevant content. A Watering Hole attack is a method in which the attacker seeks to compromise a specific group of end users either by creating new sites that would attract them or by infecting existing websites that members of that group are known to visit. The attacks have been adopted by criminals, APT groups and nation states alike and we see the amounts rising. The goal is to swipe username and password combinations hoping the victim.
It is not uncommon for organisations to hear the term “Lateral Movement” after an audit or to be told they have a problem with it after a penetration test. But in most cases, there is no insight into what this means for them; and how they can begin to tackle it. In this post we are going to attempt to make Lateral Movement relatable, and highlight how Cymulate can make it achievable, to understand what Lateral Movement looks like in your environment. Lateral Movement refers to the techniques.
To paraphrase David Ben-Gurion, the first Prime Minister of Israel: "The most dangerous enemy to ... security is the intellectual inertia of those who are responsible for security." I'm reminded of that particular statement now, as we stand on the edge of a world driven sideways by the specter of disease and economic hardship. We must also face the impact these pressures have had on the overall ability to protect and defend the cybersecurity of business and government data and information.
Cymulate 101: What is Breach and Attack Simulation? One of our site visitors asked a pretty popular question recently: “What, exactly, is Breach and Attack Simulation (BAS)?” Let’s dive in and have a look at this form of security control testing. So, what are "security controls?” Simply put, a security control is anything that limits the ability of a threat actor to accomplish their goal, or otherwise stop even a legitimate user from doing something they shouldn’t. Security controls can.
If anything is certain in cybersecurity, it's the fact that email is still the #1 advanced threat vector and more than 90% of targeted attacks start with email. Someone, somewhere in your organization is going to click on something malicious. Here's how to prevent that kind of event from leading to a full-blown breach. Reduce the Email Attack Surface Configuring email gateways and other email protection solutions correctly is the first step toward reducing the email attack surface. Settings.
One common misconception I hear from IT security teams is that simulating a specific threat, say the Dridex Trojan, is more ‘real’ than simulating a proprietary (dubbed “Dummy”) version of the Trojan that mimics the underlying attack method that is so critical to that very Trojan’s success. Simulating Cyber Attacks Case in point, one strain of the Dridex Trojan was found to hide its code in a Microsoft spreadsheet. To protect against that specific strain of Dridex, simulating the attack’s.
Notoriously difficult to detect, fileless malware uses system tools and in-memory execution techniques to do its damage. With fileless malware, adversaries don't have to create or install special tools to bypass defenses, conduct reconnaissance, deliver payloads, or execute malicious activity. Overall, fileless malware attacks increased 265% in 2019. Fileless attacks have traditionally abused Windows OS tools or processes, but in December 2019, a filelesswas detected. They contain malicious.
If we summed up the 2019 threat landscape in one word, it would be "more." Targeting was more specific. More people are crossing over to the dark side. There were new tricks—and more ransomware than you can shake a stick at. Without further ado, here are the top six trends that we noted in 2019. More Specific Targeting Attackers became pickier about their targets. Some targeted specific systems, like AnteFrigus ransomware, which targeted specific users' USB drives to encrypt. Some had distinct.
The No. 1 Barrier to Better Security Testing A recent poll by the SANS Institute found that the top barrier cited by security practitioners to improving their security testing is a “Lack of a systematic approach to defining testing (e.g. lack of testing plan).” In fact, this echoes questions we get from security professionals we meet at conferences, as well as organizations getting started with their own automated security testing. Building a Security Risk Assessment Plan So, how do you.
Read More >
Subscribe to Our Blog
Stay up to date with the latest cybersecurity news and tips