Introduction On March 2nd Microsoft announced that a Chinese Nation-State actor they called HAFNIUM had been utilizing four zero-day vulnerabilities on premises version of Microsoft Exchange. Microsoft and other researchers say that the Chinese government had successfully penetrated and expanded into around 60,000 companies, globally. Microsoft released a patch on the same day of the announcement. Being well thought out and planned, the attack established backdoors that remain even if the.
“No Thanks." The phone is picked up, “We have a service that does that” says the 5th CISO that day. Welcome to my life. I’m an Inside Sales Representative, at Cymulate, and I speak to dozens of InfoSec Execs a week, and the first thing I hear is that some form of testing is being done, whether it’s vulnerability scanning or pen testing, with no more services required. My challenge is to convince them that it’s worth their while to learn about a new and better approach to security testing. .
A site visitor asked “What is an email gateway attack simulation? How is that different from phishing testing?” Both good questions, let’s have a look: Email Gateway Attack Simulation 101 Email gateways are software and/or appliances that sit between inbound email and your users’ mailboxes. These systems evaluate each inbound email (and often outbound email) that is processed by your company’s email systems. Evaluations can include looking for phishing-like language, checking any links to.
The lead up to this year’s 4th of July has been chockful of cyber events, from cities getting extorted, through triple-threat ransomware, to state-sponsored APT activity. Here’s a recap of last month’s cyber threat highlights. The month started with AMCA (an American billing collections service provider) announcing on June 3 that an unauthorized user had accessed its system containing personal information that AMCA had received from various entities. The personal data of 11.9 million.
In the last few years, APT attacks conducted by individual cybercriminals, organized crime and state-sponsored groups have become prevalent and sophisticated, bypassing standard security controls such as APT, or Advanced Persistent Threat, is a sophisticated attack in which a person or group attains access to a network and remains undetected for an extended period of time. The DarkHydrus APT Attack Let’s have a closer look at how APT threat actors operate by looking at a recent APT attack,.
**Updated Note: As of November 12th, 2018, Trend Micro has discovered an in-the-wild sample of this logical bug seen in the TROJ_EXPLOIT.AOOCAI, using it to deliver the URSNIF information stealer (TSPY_URSNIF.OIBEAO).** Cymulate’s research team has discovered a way to abuse the Online Video feature on Microsoft Word to execute malicious code (Read the press release here). Attackers could use this for malicious purposes such as phishing, as the document will show the embedded online video with.
Financial services firms are favorite targets for cyber criminals. The firms are a treasure trove of tradeable data varying from credit card credentials, customer information, and corporate data that can be abused or sold on the dark net. Compared to other industries, the financial sector still remains extremely vulnerable. Overall, the chance of a financial institution being breached is 300 times higher than that of other organizations. While US companies in general are attacked around 4.
In recent years, cyber-attacks on industrial control systems and critical infrastructure all together have been on the rise. A recent study by Bitkom shows that cyber-attacks cost the German industry almost $50 billion. Those attacks are not limited to Europe’s strong economy. Hackers are known to have manipulated critical industrial safety systems to cause physical damage. This poses a major question: Which sectors are the most critical and at risk? The United States Home Land Security (HLS).
Cybercriminals just love targeting healthcare organizations and have been doing it quite often for many years. As can be seen on the table below, during the past couple of months cybercriminals have been working hard on these types of targets. where they hit with ransomware attacks or breach to exfiltrate medical records which they can monetize. These medical records are a treasure trove of information that is easy to sell on the dark web. In contrast to e.g., financial institutions,.
In our first blogpost about MITRE’s ATT&CK™ framework, we explained what it exactly is and how it contributes to cybersecurity. In our second blogpost, we dove deeper into the various features. In this blogpost, the third and final one in this series, we will discuss the future of MITRE’s ATT&CK™ framework as we see it. To recap: ATT&CK™ is a MITRE-developed, globally-accessible knowledge base of cyberattack strategies and techniques that have been detected and reported. This knowledge base is.
Read More >
Subscribe to Our Blog
Stay up to date with the latest cybersecurity news and tips