IT Security Information
Get regular updates on current threats such as ransomware, phishing, CEO fraud and business email compromise.
Mastering and Leveraging the MITRE ATT&CK Framework on Cyber Threat Detection
History of MITRE ATTACK Framework The requirement to track and catalog typical TTPs (Tactics, Techniques, and Procedures) that APT (Advanced Persistent Threat) organizations used against business Windows networks was first addressed by MITRE in 2013. FMX (Fort Meade...
Malware vs. Viruses: Understanding the Threat Landscape
There is a misconception about what malware and viruses are. Many people use it interchangeably, however, they are two different things. Malware is any malicious software that has a goal to harm someone's data or systems. The virus is just a type of malware. In this...
Human Vulnerabilities – Exploring Types of Social Engineering Attacks
It’s Monday morning; you have a fresh cup of coffee in hand and are ready to check the emails from the weekend. A new email has arrived in just the last hour from the CFO requesting the immediate payment of an attached overdue invoice missed by the finance team. A...
The Significance of Encrypted File Transfer for Data Security
In this article, we're going to look at encrypted file transfers and why this is an important but often overlooked component of cyber security. There are a few basic things in computer security that will never change, such as the need to protect your data against...
Defending Your Organization Against Whaling Phishing
Do you hold a high-authority position within your organization, such as a C-level executive like CEO, CTO, CFO, CMO, and CLO? If so, this article is written to assist you in navigating through phishing attacks that target profiles of individuals in your role. It is...
Understanding Supply Chain Attacks and Protecting Your Business
In today's complex infrastructure, there are a lot of software and hardware dependencies. As a vendor, you are not always in control of all dependencies, but leverage them for your product or service to work properly. Using third-party dependencies and integrating...
Fortifying Your Fortress with Defense Tactics Against the Golden Ticket Attack
What is Golden Ticket Attack The concept of the Golden Ticket originated from a security researcher and developer named Benjamin Delpy, who is known for creating a powerful post-exploitation tool Mimikatz, a credential dumping utility capable of obtaining plaintext...
Cyber Security Facts You Wish You Knew Earlier
The world of cyber security facts is filled with surprises. Did you know that 95% of breaches are caused by human error? Or that 70%+ of attacks are financially motivated, with less than 5% coming from espionage? It might sound unusual, but these are some of the...