Ransomware Business Models: Future Pivots and Trends

Ransomware Business Models: Future Pivots and Trends

RDP port 3389 remains a popular service abused by ransomware actors to gain initial access to systems located and connected to on-premise infrastructure. However, as more organizations shift to the cloud services for file storage and active directory systems, ransomware groups will look for more opportunities to develop and/or exploit vulnerabilities not yet leveraged at scale. Evolutions Gradual evolutions in the current modern ransomware models as we know them are expected to be tweaked in…

Read More

Intrusion Detection & Prevention Systems Guide

Intrusion Detection & Prevention Systems Guide

Don’t get stuck choosing between on or the other. Ideally you want to find an IDS and IPS solution that integrate – forming IDPS – for full detection and response capabilities. IDS will give you a deep understanding of how traffic is moving across your network, while IPS provides active network security by preventing and remediating detections. Making an informed decision Not all security solutions are the same. Some vendors are marketing masters who make…

Read More

Linux Cryptocurrency Mining Attacks Enhanced via CHAOS RAT

Linux Cryptocurrency Mining Attacks Enhanced via CHAOS RAT

Linux Cryptocurrency Mining Attacks Enhanced via CHAOS RAT Cloud We intercepted a cryptocurrency mining attack that incorporated an advanced remote access trojan (RAT) named the CHAOS Remote Administrative Tool. By: David Fiser, Alfredo Oliveira December 12, 2022 Read time:  ( words) We’ve previously written about cryptojacking scenarios involving Linux machines and specific cloud computing instances being targeted by threat actors active in this space such as TeamTNT. We found that the routines and chain of…

Read More

Cybersecurity Reflections from 26 Years at Trend

Cybersecurity Reflections from 26 Years at Trend

I started my cybersecurity journey in July 1996 as a sales engineer for a cybersecurity company, Trend Micro, that had already been around for 8 years. Having been in the industry for 26 years now – all of them at Trend Micro – I may have a bit of bias toward what we’ve been able to accomplish over the years, but I wanted to share my excitement about what we’re doing today and will be…

Read More

Cyber Insurance Policy Underwriting Explained

Cyber Insurance Policy Underwriting Explained

Businesses are often in the dark when it comes to applying for a cyber insurance policy. What documentation is necessary? What should they expect? What security controls are underwriters actually looking for? I spoke to John Hennessy, RVP of underwriting at Cowbell, for an insider’s perspective on the underwriting process. Q: What should people know about cyber insurance underwriters?Q: What does the typical underwriting engagement look like?Q: What are some of the non-security factors underwriters…

Read More

Cybersecurity Plan: 3 Keys for CISOs

Cybersecurity Plan: 3 Keys for CISOs

Today’s CISO is a lot like a football coach. Both need to have a vision for success. Both need to build a team and win over the respect of their players. And both are judged on performance. In football, the main performance metric is wins, including all the steps that go into winning: first downs, completed passes, turnovers, touchdowns. What does performance mean for today’s CISO? Well-known KPIs, such as mean time to recovery (MTTR),…

Read More

Data Exfiltration Prevention with SASE

Data Exfiltration Prevention with SASE

Read: The boom in digital connectivity has made data privacy a top concern for businesses. As businesses use more SaaS and cloud applications existing in public clouds, they lose visibility and control. Data exfiltration can not only cause operational and reputational harm, but can lead to revenue losses, hefty compliance fines, expensive class-action lawsuits, and even ransomware demand and recovery costs.  Unfortunately, protecting data is not a simple feat in hybrid- and multi-cloud environments. This…

Read More

How a Unified Security Platform Protects the Cloud

How a Unified Security Platform Protects the Cloud

Cloud solutions are business-essential these days. Organizations are using hybrid and multi-cloud environments to connect users, data, applications, workloads, and devices in dynamic ways. But that growing dependence on the cloud has also expanded the attack surface, adding layers of potential vulnerability and putting security and compliance risks at the top of enterprise concerns. While it’s common practice to address these threats with best-of-breed point solutions, the sheer number of products required to cover the…

Read More

Security Culture Matters when IT is Decentralized

Security Culture Matters when IT is Decentralized

Decentralized structures can give organizations powerful agility and speed up the deployment of new technologies. But the cost of decentralization is that it’s hard to ensure decisions are made consistently and with all the right considerations in mind—which is a very real problem when it comes to security. Fifty-six percent of CISOs in EY’s 2021 Global Information Security Survey said their teams are consulted late or not at all when company leaders make time-sensitive strategic…

Read More

Cyber Risk Index 1H’22 Snapshot

Cyber Risk Index 1H’22 Snapshot

The Global and Regional CRI The current global cyber risk index is at -0.15, which is considered an elevated risk level. This is a slight increase in risk from the second half of 2021, when it was -0.04.  Organizations in North America and Asia-Pacific saw an increase in their cyber risk from that period while Europe and Latin/South America’s risk decreased in comparison. Digging into each of the four regions, North America’s CRI was the…

Read More
1 4 5 6 7 8 18