By Andrew Loschmann, Chief Operating Officer, Field Effect Advancing your cyber security capabilities as you scale is an obvious need. But if you’re resourced like many infosec departments, either very lean or running solo, it’s always easier said than done. And as the pandemic throws more on your plate — there are often big expectations to meet, yet skilled talent and budget may be lacking. If you’re feeling like you’re wearing multiple hats, rushing from one emergency to the next, or…

The US Department of Justice has reportedly launched a new ransomware task force, after an infamous threat group claimed to have stolen Apple trade secrets via a supplier. The REvil (Sodinokibi) group is reported to have posted a blog to its dark web-hosted naming and shaming site in which it claims to have compromised the network of Taiwanese supplier Quanta Computer. As the firm refused to pay the $50 million ransom, REvil is now putting the…

A threat prevention firm is claiming to have access to 1.3 million breached RDP servers and their credentials, which were put up for sale on a popular dark web site. New York-headquartered Advanced Intelligence is offering a new free service enabling concerned organizations to check if their RDP servers were part of the trove. Ultimate Anonymity Services (UAS) has been running for around five years on the dark web, specializing in providing access to RDP…

Security researchers have discovered that a persistent cryptocurrency mining botnet is exploiting still-unpatched Microsoft Exchange servers to grow globally. Dubbed “Prometei,” the botnet was first reported on in July 2020 and is thought to have been around since 2016, according to Cybereason Nocturnus. However, the research team found a new development in that the threat actors behind it have been exploiting Microsoft Exchange vulnerabilities CVE-2021-27065 and CVE-2021-26858 to penetrate victim networks, steal credentials and install…

In the previous blog post about multi-cloud we talked about multi-cloud and what the impact it has to the I&O organization. And for most I&O organizations it is a journey to move from traditional IT management to a cloud operating model for multiple clouds. In this blog post we will look into the evolution of cloud over time. We’ll dive into the two evolutionary steps that most enterprises go through in their cloud journey. Cloud…

The last time you were in a library, or a bookstore, you probably noticed how quiet it was.  This doesn’t mean that people weren’t excited, or downright celebrating, they were engaged in a different method of celebration; the kind that takes place between the covers of a good book. April 23rd marks the celebration of World Book and Copyright Day. As eloquently stated on the UNESCO web page, “through reading . . . we can…

Imagine an arc. Not just any arc. A rainbow. When we think of a rainbow, it conjures impressions of color, inspiration and even supernatural characteristics.  Does your cybersecurity program long for a magical pot of gold at the end of a rainbow? With all the moving parts of cybersecurity, sometimes it seems like we are merely chasing rainbows. However, it doesn’t have to be that way. Now, thanks to the innovative products in the Tripwire catalog, there is…