Featured content

Without penetration testing, you might not recognize gaps, weaknesses, and vulnerabilities in your cyber defenses until it’s too late. A penetration test is essentially a simulation cyber-attack, where an internal team or partner will act as a hacker in an attempt to penetration your systems, data, or networks.

Managing information technology (IT) infrastructure across multiple clouds, servers, and environments can quickly become complex and unwieldy. But one of the best ways that enterprises can operate and grow infrastructure at scale is an Infrastructure-as-code (IaC) solution called Terraform. But what is Terraform and how does it work?

The LAPSUS$ cybercrime group made headlines recently after taking credit for high-profile attacks on major companies including Microsoft, Okta, Samsung, Ubisoft, and NVIDIA (confirmed by Microsoft and Okta). This group's goal, like many others, is to steal sensitive data, threaten to leak it, and extort their victims.

There are numerous tools freely available to cybersecurity professionals to assist in analyzing malware. Ghidra was first released a couple of years ago and has proved to be relatively popular due to it being a free tool that can be used to disassemble malware.

The majority of cyberattacks these days come in the form of automated attacks, made possible by botnets. But what is a botnet? It’s a way for hackers to leverage a collection of compromised devices to carry out various types of attacks.

Varonis Threat Labs researchers have discovered a technique where threat actors with existing high privileges can inject synthetic SIDs into an Active Directory Access Control List (ACL). This creates a scenario where backdoors and hidden permission grants can occur when a new account is created with a matching legitimate SID.

Conti, one of the most infamous, prolific and successful big game ransomware threats, has suffered yet another embarrassing leak with a treasure trove of both internal chat transcripts and source code being shared by a reported Ukrainian member (Figure 1).

Ransomware as a service (RaaS) is a major threat to all cybersecurity data and systems. Similar to Software-as-a-Service, RaaS provides easy subscription-based access to ransomware to those with little-to-no programming expertise.

It’s no secret that malware is a huge problem, whether it be an infected laptop that you use for home banking and watching Netflix, all the way to multi-million-pound organizations that store customer credit card and banking details. But what happens once a machine is infected with malware? The answer to that question depends on what type of malware has infected the device as there are different types of malware that each have their own malicious characteristics.

Okta’s Business of Work study revealed that large organizations use an average of 175 different SaaS apps. Imagine how many different configuration settings, user- and role-level permissions, and API endpoints that represents. Enough to give any CISO a mild panic attack.

What is Business Email Compromise (BEC)? Business Email Compromise is an email-based phishing attack that specifically targets businesses and organizations to steal money, sensitive information, or account credentials. These attacks can be difficult to prevent as criminals may utilize social engineering techniques such as impersonation and intimidation to manipulate users.

In 2021, attacks became highly effective and impactful. At the same time, high-volume indiscriminate ransomware threats remained omnipresent throughout the year.