New macOS ‘KandyKorn’ malware targets cryptocurrency engineers
BlackCat ransomware claims breach of healthcare giant Henry Schein
Mortgage giant Mr. Cooper hit by cyberattack impacting IT systems
HelloKitty ransomware now exploiting Apache ActiveMQ flaw in attacks
Cloudflare Dashboard and APIs down after data center power outage
Cybersecurity Defense in Depth
When the threat actors break down your door, make sure you have another door.
Defense in depth is a security approach that involves deploying multiple layers of security tools, mechanisms, and policies in tandem. The goal is to create a robust defense system where if one layer fails, others will step in to protect against threats.
Analogies:
- Imagine a medieval castle with multiple moats, walls, and parapets. Each layer adds an additional barrier for attackers.
- In military terms, it’s akin to a defending army strategically retreating into its homeland’s interior, trading space for time.
Example:
- PERIMETER SECURITY: Firewall, Penetration Testing, IDS/IPS, DDoS Protection
- NETWORKING SECURITY: VPN, Wi-Fi Security, Secure DMZ, MDR, Continuous Monitoring
- ENDPOINT SECURITY: NGAV/EDR, Asset Tracking, Rogue Device Monitoring, Patch Management, MFA, Endpoint Encryption
- DATA SECURITY: PAM, MFA, Email Encryption, Data Backups, Database Monitoring, SIEM
- BUSINESS OPERATIONS: Service Desk, SOC, Business Continuity, Disaster Recovery, Policies & Procedures, Governance, User Training, Vulnerability Management
- PHYSICAL SECURITY: CCTV Security System, Access Control System, Guest Management, Alarm System, Power Backup, Fire Suppression
Defense in depth isn’t about relying on a single tool; it’s about creating a resilient fortress where attackers face relentless obstacles. If your environment, account, resource, or application can be defeated by a single point of failure, you need better defense in depth.
SaaS Security is Now Accessible and Affordable to All
Securing employees’ SaaS usage is becoming increasingly crucial for most cloud-based organizations. While numerous tools are available to address this need, they often employ different approaches and technologies, leading to unnecessary confusion and complexity. Enter
Iran’s MuddyWater Targets Israel in New Spear-Phishing Cyber Campaign
Cybersecurity firm Deep Instinct, which disclosed details of the attacks, said the campaign “exhibits updated TTPs to previously reported MuddyWater activity,”
Researchers Find 34 Windows Drivers Vulnerable to Full Device Takeover
“By exploiting the drivers, an attacker without privilege may erase/alter firmware, and/or elevate [operating system] privileges,” Takahiro Haruyama, a
