/ Government Security Alerts /

Note: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques and mitigations. This Alert provides an update to Cybersecurity and Infrastructure Security Agency (CISA) Alert AA20-010A: Continued Exploitation of Pulse Secure VPN Vulnerability, which advised organizations to immediately …

/ Government Security Alerts /

The U.S. Departments of State, the Treasury, and Homeland Security, and the Federal Bureau of Investigation are issuing this advisory as a comprehensive resource on the North Korean cyber threat for the international community, network defenders, and the public. The advisory highlights the cyber threat posed by North Korea – formally known as the Democratic …

/ Security News /

At a certain point, almost every organization reaches the conclusion that there is a need to move past just the standard AV and firewall stack in order to soundly protect their environment. The common practice in recent years is to gain extra protection through implementing either EDREPP solutions (represented by vendors like Crowdstrike and Carbon …

/ Security News /

Visibility into an environment attack surface is the fundamental cornerstone to sound security decision making. However, the standard process of 3rd party threat assessment as practiced today is both time consuming and expensive. Cynet changes the rules of the game with a free threat assessment offering based on more than 72 hours of data collection …

/ Security News /

“Pay $20,000 worth of bitcoin, or a bomb will detonate in your building” A massive number of businesses, schools, government offices and individuals across the US, New Zealand and Canada on Thursday received bomb threats via emails that caused nationwide chaos, forcing widespread evacuations and police response. The bomb threat emails were apparently sent by …

Detection Organizations should configure system logs to detect incidents and to identify the type and scope of malicious activity. Properly configured logs enable rapid containment and appropriate response. Response An organization’s ability to rapidly respond to and recover from an incident begins with the development of an incident response capability. An organization’s response capability should …

/ Security News /

It’s no secret that expecting security controls to block every infection vector is unrealistic. For most organizations, the chances are very high that threats have already penetrated their defenses and are lurking in their network. Pinpointing such threats quickly is essential, but traditional approaches to finding these needles in the haystack often fall short. Now …

/ Security Assessments News /

Windows Defender Advanced Threat Protection (ATP), Microsoft’s security software that combines end-point security and data collection with cloud analytics, has hitherto been unique to Windows 10. But no longer; Microsoft announced today that it’s bringing the same features to Windows 7 and Windows 8.1. Coming this summer, the Endpoint Detection and Response (EDR) portions of …

/ Security News /

The growing popularity of Bitcoin and other cryptocurrencies is generating curiosity—and concern—among security specialists. Crypto mining software has been found on user machines, often installed by botnets. Organizations need to understand the risks posed by this software and what actions, if any, should be taken. To better advise our readers, we reached out to the …

Since at least May 2017, threat actors have targeted government entities and the energy, water, aviation, nuclear, and critical manufacturing sectors, and, in some cases, have leveraged their capabilities to compromise victims’ networks. Historically, cyber threat actors have targeted the energy sector with various results, ranging from cyber espionage to the ability to disrupt energy …