SecureList

APRIL 27, 2021

It was first publicly documented in 2014, in the aftermath of the Gamma Group hacking incident. On February 24, the National Security Defense Council of Ukraine (NSDC) publicly warned that a threat actor had exploited a national documents circulation system (SEI EB) to distribute malicious documents to Ukrainian public authorities.

Malware 145

Malware Government Spyware Social Engineering 145

eSecurity Planet

JULY 8, 2024

July 3, 2024 Threat Actors Exploit MSHTML Flaw to Deploy MerkSpy Surveillance Tool Type of vulnerability: Remote code execution. The problem: A Microsoft MSHTML vulnerability, CVE-2021-40444 , was exploited to distribute the MerkSpy surveillance program. Ghostscript is widely used for document processing.

Risk 62

Risk Authentication Firmware Surveillance 62

eSecurity Planet

MAY 24, 2024

Document the findings: Keep track of the discovered assets, their classification, and the rationale for priority. Implement Security Controls Following NIST’s cloud security model, develop policies, methods, and technology for protecting cloud assets, such as access control, encryption, and network security.

Encryption 119

Encryption Risk Passwords Authentication 119

eSecurity Planet

APRIL 9, 2024

Evaluate the network architecture: Determine whether the SaaS provider uses network segmentation to separate client data and apps from one another, reducing the risk of unauthorized access and lateral movement in the event of a security breach. Gather feedback from all stakeholders, including IT, security, and business departments.

Risk 105

Risk Threat Detection Data breaches Encryption 105

eSecurity Planet

JUNE 21, 2024

Dashlane uses thorough breach scanning to provide password health scores, security alerts, and dark web monitoring. It employs security features like 256-bit AES encryption and 2FA, with master passwords encrypted using PBKDF2. Their password health checker and real-time dark web surveillance also improve overall security.

Password Management 103

Password Management Passwords Encryption VPN 103

eSecurity Planet

DECEMBER 19, 2023

By using the provider’s knowledge and resources, enterprises may have access to best practices and sophisticated security features without needing in-house security expertise. Automated Security Updates & Patching The underlying hardware and software infrastructure is managed and maintained by IaaS providers.

Encryption 113

Encryption Firewall Authentication Software 113

eSecurity Planet

JUNE 27, 2024

Increased attack surface: Flexible and scalable cloud infrastructures frequently result in misconfigurations and assets placed outside of security policies. By adhering to these best practices, you can build a strong cloud data security architecture that secures sensitive information.

Encryption 57

Encryption Authentication Risk Architecture 57