Blog - Cyber Security Informer

Remote Desktop Threats & Remediations

Duo's Security Blog

MARCH 6, 2024

Remote Desktop Protocol (RDP) enables much of today’s hybrid workforce, allowing employees to remotely access desktop computers regardless of their location. Like any remote access tool, however, it is susceptible to security threats, including brute force attacks.

Authentication

Authentication Accountability VPN Passwords

Updating Software: Learn the Importance of Keeping Up-to-Date With the Latest Software Version and Patches

Duo's Security Blog

OCTOBER 25, 2023

Commonly exploited software Vulnerabilities are routinely found in software that runs on users’ devices, both desktops and mobile. New OS version and patch releases typically have security fixes to address identified flaws in the software that could lead to threats such as malware, phishing and denial-of-service attacks.

Software

Software Mobile Malware Risk

Windows PGM Accounts for Half of Patch Tuesday’s Critical Flaws

eSecurity Planet

JUNE 13, 2023

The six critical vulnerabilities are as follows: CVE-2023-24897 , a remote code execution vulnerability in.NET,NET Framework, and Visual Studio, with a CVSS score of 7.8 CVE-2023-29363 , CVE-2023-32014 and CVE-2023-32015 , three remote code execution vulnerabilities in Windows Pragmatic General Multicast (PGM), each with a CVSS score of 9.8

Accountability

Accountability VPN Software Engineering

Ransomware Sanctions: Do They Have Any Impact?

Thales Cloud Protection & Licensing

DECEMBER 13, 2023

This blog post will explore the reasons that ransomware sanctions may fall short and what actions organizations can do to protect against ransomware. However, there are numerous factors that complicate circumstances and hinder the ability of sanctions to have a substantial impact on the ransomware threat landscape.

Ransomware

Ransomware Encryption Backups Accountability

Growing Security Safely in Canada

Duo's Security Blog

JUNE 14, 2021

The need to rapidly switch to remote work environments created pressure for IT teams worldwide, but doing this while keeping their organizations safe and adequately protected was one that many unfortunately overlooked. Moving to remote work forced the perimeter of the workplace to expand swiftly and substantially.

Passwords

Passwords Authentication Phishing Threat Reports

Vulnerability Management in the time of a Pandemic

NopSec

MARCH 16, 2020

For organizations of various sizes that means being able to quickly set up remote working systems to enable employees to work from their homes so that they can protect themselves from being infected. I will be referring to vulnerability management as the process for managing asset attack surface and security threat exposure.

VPN

VPN Accountability Risk System Administration

Payroll Provider Gives Extortionists a Payday

Krebs on Security

FEBRUARY 23, 2019

Faced with the threat of an extended outage, Apex chose to pay the ransom demand and begin the process of restoring service to customers. The company quickly took all of its systems offline, and began notifying customers that it was trying to remediate a security threat. Roswell, Ga. on Tuesday, Feb.

Backups

Backups Ransomware Encryption Internet

Stories from the SOC – Powershell, Proxyshell, Conti TTPs OH MY!

CyberSecurity Insiders

NOVEMBER 10, 2021

Stories from the SOC is a blog series that describes recent real-world security incident investigations conducted and reported by the AT&T SOC analyst team for AT&T Managed Threat Detection and Response customers. Reviewing for Additional Indicators – Remote Tools. Executive summary. Investigation.

Threat Detection

Threat Detection Firewall Accountability Malware

Safe Collaboration with McAfee and Microsoft Teams

McAfee

APRIL 22, 2020

Working from home has become a new reality for many, as more and more companies are requesting that their staff work remotely. Already, we are seeing how solutions that enable remote work and learning across chat, video, and file collaboration have become central to the way we work. Comprehensive remediation. Threat prevention.

Encryption

Encryption Mobile Government Accountability

Mitigating Ransomware Attacks – Decoupling Encryption Keys From Encrypted Data

Thales Cloud Protection & Licensing

NOVEMBER 24, 2020

The ransomware threat landscape is no different in India. Sophos’ recent report, The State of Ransomware , reveals that paying the ransom can end up costing companies double the overall remediation cost versus not paying or getting the data back through backups or other methods. To Sum It Up.

Encryption

Encryption Ransomware Backups System Administration

IT threat evolution Q2 2022

SecureList

AUGUST 15, 2022

IT threat evolution in Q2 2022. IT threat evolution in Q2 2022. IT threat evolution in Q2 2022. We recently published our analysis of WinDealer : malware developed by the LuoYu APT threat actor. ToddyCat: previously unknown threat actor attacks high-profile organizations in Europe and Asia. Non-mobile statistics.

Mobile

Mobile Ransomware Malware Encryption

APT trends report Q1 2022

SecureList

APRIL 27, 2022

For five years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. The following day, Avast Threat Research announced the discovery of new Golang ransomware in Ukraine , which they dubbed HermeticRansom.

Malware

Malware Firmware Government Phishing

Using Velociraptor for large-scale endpoint visibility and rapid threat hunting

Pen Test Partners

OCTOBER 11, 2023

It is fast to roll out and is bolstered by an active community that contribute to a growing repository of EDR features and current threat hunts. Once deployed it can obtain key forensic artefacts across the network or perform remote disk acquisitions where we suspect a compromised host. Want to see what applications are running?

Accountability

Accountability DNS Firewall Malware

Cyber Liability Insurance Essentials for Small and Medium-Sized Enterprises

Duo's Security Blog

APRIL 25, 2022

In this blog we explore how small and medium-sized enterprises (SMEs) in particular can mitigate these risks to get a manageable insurance cover, so they can focus on making their business thrive in today’s uncertain times. This point is further backed up in reports that RDP attacks grew by 768% in 2020.

Insurance

Insurance Risk Marketing Authentication

Administrator's Guide, Part 4: Phases of a Passwordless Rollout

Duo's Security Blog

JULY 29, 2021

Part of our Administrator's Guide to Passwordless blog series See the video at the blog post. Hopefully, you’ve already got this one — but if not, there are countless products that can help you mitigate the threats of password-based single-factor authentication. Detect anomalous user behavior and flag it for remediation.

Authentication

Authentication Passwords Accountability Manufacturing

The story of the year: ransomware in the headlines

SecureList

DECEMBER 7, 2021

This is a threat that seems almost inescapable, regardless of whether or not users occupy the cybersecurity or tech space – and it is having a direct impact on lives. After facing pressure from law enforcement agencies, they lost control of their servers, including their blog and payment systems, as well as some funds.

Ransomware

Ransomware B2B B2C Government

Finally, True Unified Multi-Vector Data Protection in a Cloud World

McAfee

DECEMBER 21, 2020

And a report from PwC found that, corporations have termed the remote work effort in 2020, by and large, a success. Many executives are reconfiguring office layouts to cut capacity by half or more, indicating that remote work is here to stay as a part of work life even after we come out of the restrictions placed on us by the pandemic.

Accountability

Accountability Digital transformation Risk Encryption

Cyber Security Informer

Remote Desktop Threats & Remediations

Updating Software: Learn the Importance of Keeping Up-to-Date With the Latest Software Version and Patches

Trending Sources

Windows PGM Accounts for Half of Patch Tuesday’s Critical Flaws

Ransomware Sanctions: Do They Have Any Impact?

Growing Security Safely in Canada

Vulnerability Management in the time of a Pandemic

Payroll Provider Gives Extortionists a Payday

Stories from the SOC – Powershell, Proxyshell, Conti TTPs OH MY!

Safe Collaboration with McAfee and Microsoft Teams

Mitigating Ransomware Attacks – Decoupling Encryption Keys From Encrypted Data

IT threat evolution Q2 2022

APT trends report Q1 2022

Using Velociraptor for large-scale endpoint visibility and rapid threat hunting

Cyber Liability Insurance Essentials for Small and Medium-Sized Enterprises

Administrator's Guide, Part 4: Phases of a Passwordless Rollout

The story of the year: ransomware in the headlines

Finally, True Unified Multi-Vector Data Protection in a Cloud World

Stay Connected