News

  • Linux-Targeted Malware Increased by 35%

    Crowdstrike is reporting that malware targeting Linux has increased considerably in 2021: Malware targeting Linux systems increased by 35% in 2021 compared to 2020. XorDDoS, Mirai and Mozi malware families accounted for over 22% of Linux-targeted threats observed by CrowdStrike in 2021. Ten times more Mozi malware samples were observed in 2021 compared to 2020.…

  • High anxiety spreads among Russian criminal groups in wake of REvil raid

    The crackdown on members of the REvil ransomware gang by agents of the Kremlin’s domestic security force January 14 is sending a wave of distress and dread through the Russian hacker underground, according to researchers at Trustwave’s SpiderLabs. “What our researchers found was a great deal of anxiety and consternation from those who participate in…

  • Stories from the SOC – Inactive Account Exploitation

    Stories from the SOC is a blog series that describes recent real-world security incident investigations conducted and reported by the AT&T SOC analyst team for AT&T Managed Threat Detection and Response customers. Executive summary One of the primary ways that adversaries gain access to environments is through valid credentials. Because of this, maintenance and auditing…

  • 22 cybersecurity myths organizations need to stop believing in 2022

    The past few years have seen a dramatic shift in how organizations protect themselves against attackers. The hybrid working model, fast-paced digitalization, and increased number of ransomware incidents have changed the security landscape, making CISOs’ jobs more complex than ever. This convoluted environment requires a new mindset to defend, and things that might have held…

  • Red vs. blue vs. purple teams: How to run an effective exercise

    In the arsenal of cybersecurity defenses is the exercise that goes by the name of red team/blue team simulated attack. These simulations are designed to closely mimic real-world conditions. For example, one red team member might take on the role of an employee clicking on a phishing link that deposits malware on the network. The…

  • Friday Squid Blogging: Piglet Squid

    Nice article on the piglet squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here.