Category: Security

SOC files
The SOC case files: Play ransomware targets manufacturing firm

Incident summary: A U.S.-based manufacturing company was recently targeted by the Play ransomware group in the early hours of the morning. The attackers broke into an under-protected domain controller at 1:00 a.m. At 3:20 a.m. the gang attempted to execute...

November 21, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: New malware loader – BabbleLoader

BabbleLoader is a newly identified malware loader designed for delivering information-stealing payloads such as WhiteSnake and Meduza. It demonstrates sophisticated evasion techniques that challenge both traditional antivirus solutions and modern AI-driven detection systems. Read this Cybersecurity Threat Advisory to learn...

November 20, 2024
bots
Threat Spotlight: Bad bots are evolving to become more ‘human’

The bot landscape is changing. Malicious bots, or "bad bots," are evolving to become more advanced and human-like in their behavior, while an emerging category of AI bots, which we might think of as “grey bots,” is blurring the...

November 19, 2024
biometrics
Enhance security services with biometrics

Biometrics is exploding in popularity as a security tool, with research indicating that 81 percent of consumers consider biometrics a more secure method of identity verification than traditional methods. Illustrating the embrace of this technology is the global biometric authentication...

November 18, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: New critical Citrix vulnerabilities

New critical vulnerabilities in Citrix Virtual Apps and Desktops, tracked as CVE-2024-8068 and CVE-2024-8069, as well as new flaws involving MSMQ (Microsoft Message Queuing) misconfiguration, were discovered. These vulnerabilities enable attackers to achieve unauthenticated remote code execution (RCE) on vulnerable...

November 18, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: New ransomware variant to watch for

A new ransomware family, Ymir, has been discovered. It uses an unconventional combination of memory management functions (like malloc, memmove, and memcmp) to execute malicious code directly in memory. Continue reading this Cybersecurity Threat Advisory to learn how to...

November 14, 2024
AI BEC
The rise of AI-based BEC attacks

Cybercriminals are quickly latching on to new technology and strategies to improve the success rates of their social engineering-based email attacks. In the latest Barracuda Email Threats and Trends report, the company found that although traditional email scams like phishing are...

November 14, 2024
Zero Trust
Easily overcome Zero Trust deployment hurdles

Zero Trust Network Access (ZTNA) isn’t just a security model — it’s the future of cybersecurity. Required in many industries today, ZTNA significantly increases the security posture across the entire organization and often replaces existing VPN solutions that have been a...

November 13, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Phishing campaign spreading Remcos RAT malware

A new phishing campaign spreading a fileless variant of Remcos RAT malware has been discovered. Read this Cybersecurity Threat Advisory to learn how this could impact your organization. What is the threat? This campaign delivers malware through a phishing email...

November 13, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Palo Alto PAN-OS RCE vulnerability

A threat advisory was issued to Palo Alto customers notifying them of a vulnerability in the PAN-OS interface that can lead to remote code execution (RCE). Read this Cybersecurity Threat Advisory for the best practices for securing the PAN-OS management...

November 13, 2024