Cybersecurity |
Sponsored by |
|
A few weeks back, we added unpublicized artifacts to the list of indicators of compromise (IoCs) published by both FireEye and Open Source Context back in December 2020. Some would have thought that would put a stop to the havoc the SolarWinds threat actors have been wreaking, but the group targeted Malwarebytes just recently according to a company report. more
A couple of weeks back, a security researcher alerted his LinkedIn contacts about possibly ongoing targeted attacks stemming from the Iranian subnet 194[.]147[.]140[.]x. He advised cybersecurity specialists to watch out for subnets that may be threatful and consider blocking them. This post encouraged us to look into the subnets and details our findings using IP Netblocks WHOIS Database. more
The 2020 COVID pandemic forced businesses to double down on their digital investments as in-person moved online. Brands refined and upped their marketing investments across digital channels - email, websites, social media, apps, and advertising - to serve their customers along their digital buying journeys. more
An enterprise's domain portfolio continues to change as it offers new products and services or withdraw old ones. Mergers, acquisitions, and buyouts would also affect its domain portfolio. Constant monitoring of one's domain portfolio and its related infrastructure is crucial in today's cybersecurity landscape. more
Know-your-customers (KYC) policies aim to minimize the risk of money laundering, bribery, and other types of fraud. While it was originally implemented in financial institutions, companies outside the financial sector have adapted KYC with digital transactions as the primary driver. These days, the approach is enforced by virtual asset dealers, nonprofit organizations, and even social media companies. more
Blind Eagle is a South American threat actor group believed to be behind APT-C-36 and that has been active since at least 2018. It primarily targets Colombian government institutions and large corporations in the financial, petroleum, and professional manufacturing industries. more
The SolarWinds hack affected several government agencies and tech companies in the U.S. and worldwide. The sophisticated malware attack is believed to have compromised the trusted IT management software as early as March 2020 but only came to light in December. more
For most people, a domain is just an address that you type into a browser, but for businesses, domain names are the foundation of their online presence. A recent article says, "When it comes to operating a business online, the domain name is the center of everything. The domain name should ensure a frictionless and painless experience for the company, its customers, its partners and suppliers, and its employees." more
Intrusion detection systems (IDSs) and intrusion prevention systems (IPSs), collectively called "intrusion detection and prevention systems (IDPSs)," monitor network traffic to stave off unauthorized access. Roughly speaking, an IDS detects possible malicious network activities, while an IPS stops malicious traffic from entering and possibly damaging a network. more
Why go after individuals when you can get greater rewards by zooming in on more lucrative targets like large multinational corporations (MNCs)? That's the premise behind the Cosmic Lynx business email compromise (BEC) campaign that brought several MNCs, many of which were Fortune 500 or Global 2000 companies, to their knees. more