-
How to Combat Credential Theft and How to Protect from Attackers with Your Credentials
Imagine a home with a state-of-the-art safe designed to store valuable possessions like expensive jewelry or luxury items. While the safe may exude an aura of impenetrable security, its effectiveness can be compromised if an intruder discovers the combination written carelessly on a sticky note or obtains a copy of the physical key as they…
-
Common Entry Points #6 – Open Ports and Services
Every internet-facing system in your network must undergo a risk assessment and, if necessary, be secured by avoiding default ports and applying stringent restrictions.
-
Avoiding APT Attacks: The MDR Advantage
In the digital world, it’s rare to see a crime of passion. Most cyberattacks fall into the crimes of opportunity category, taking advantage of a situation that presents itself unexpectedly. They are usually launched by individuals or groups using readily available automated tools to target and exploit known vulnerabilities. Often referred to as “script kiddies,”…
-
Understanding and Leveraging the MITRE ATT&CK Advantage
Whether you are playing a friendly game of chess, planning a flanking attack for a modernized military force, or protecting your business against malicious threat actors, one thing is for certain: it is advantageous to be able to anticipate your adversary’s next move. A chess master, for example, memorizes famous moves to improve strategy and…
-
Detecting Lateral Movement – Decoding Cyber Threats with MITRE ATT&CK and Proactive Monitoring
23andMe is a personal genomics and biotechnology company based in Sunnyvale, California, and is known for its direct-to-consumer genetic testing kits. According to a blog post posted on its website on October 6, 2023, the company acknowledged falling victim to a credential-stuffing attack on its website. This cyberattack involved using stolen login credentials to enable…
-
Bolstering Your Cyber Armor: The Key Steps in Vulnerability Remediation
After nearly a decade of relatively stable numbers, there was a dramatic spike in newly discovered common vulnerabilities and exposures (CVEs), going from just under 6,500 in 2016 to over 14,700 in 2017. Since then, the number has only grown exponentially. HackerOne’s ethical hackers identified a whopping 65,000 vulnerabilities last year. According to those hackers, the rapid pace…