Until just a couple of years ago, only a handful of IAM pros knew what service accounts are. In the last years, these silent Non-Human-Identities (NHI) accounts have become one of the most targeted and compromised attack surfaces. Assessments report that compromised service accounts play a key role in lateral movement in over 70% of ransomware attacks. However, there's an … [Read more...] about Wherever There’s Ransomware, There’s Service Account Compromise. Are You Protected?
compromise
Understanding Business Email Compromise to better protect against it
What is business email compromise? Imagine this: Your CEO sends you an email asking for your help transferring $5,000 to a new vendor for an urgent project. You make the transfer, only to find out later that the email was actually from an imposter, and that money is now in the hands of cybercriminals. Oops, right? crickets Business Email Compromise (BEC) is a type of cybercrime … [Read more...] about Understanding Business Email Compromise to better protect against it
noPac Exploit: Microsoft AD Flaw May Lead to Total Domain Compromise
What Happened? Microsoft recently published two critical CVEs related to Active Directory (CVE-2021-42278 and CVE-2021-42287), which when combined by a malicious actor could lead to privilege escalation with a direct path to a compromised domain. In mid-December 2021, a public exploit that combined these two Microsoft Active Directory design flaws (referred also as “noPac”) … [Read more...] about noPac Exploit: Microsoft AD Flaw May Lead to Total Domain Compromise
Extend Threat Visibility With Humio’s Integration With CrowdStrike’s Indicators of Compromise (IOCs)
This blog was originally published Oct. 1, 2021 on humio.com. Humio is a CrowdStrike Company. What is an indicator of compromise (IOC)? An indicator of compromise (IOC) is a piece of digital forensics that suggests that an endpoint or network may have been breached. The ability to monitor for indicators of compromise is critical to a comprehensive cybersecurity strategy, … [Read more...] about Extend Threat Visibility With Humio’s Integration With CrowdStrike’s Indicators of Compromise (IOCs)
How to Fight Business Email Compromise (BEC) with Email Authentication?
An ever-evolving and rampant form of cybercrime that targets emails as the potential medium to conduct fraud is known as Business Email Compromise. Targeting commercial, government as well as non-profit organizations, BEC can lead to huge amounts of data loss, security breach, and compromised financial assets. It is a common misconception that cybercriminals usually lay their … [Read more...] about How to Fight Business Email Compromise (BEC) with Email Authentication?
How Adversaries Use Politics for Compromise
Threat Research This blog post was authored by Nick Biasini and Edmund Brumaghin of Cisco Talos. Executive Summary With the U.S. presidential primaries just around the corner, even malware authors can’t help but get behind the frenzy. Cisco Talos recently discovered several malware distribution campaigns where the adversaries were utilizing … [Read more...] about How Adversaries Use Politics for Compromise
Chinese Hackers Compromise Telecom Servers to Spy on SMS Messages
A group of Chinese hackers carrying out political espionage for Beijing has been found targeting telecommunications companies with a new piece of malware designed to spy on text messages sent or received by highly targeted individuals.Dubbed "MessageTap," the backdoor malware is a 64-bit ELF data miner that has recently been discovered installed on a Linux-based Short Message … [Read more...] about Chinese Hackers Compromise Telecom Servers to Spy on SMS Messages