Among a high-profile wave of cyberattacks in March 2021, tens of thousands of email servers worldwide fell victim due to a vulnerability in the Microsoft Exchange Server. Through a so-called zero-day exploit, the vulnerabilities were targeted by a previously unknown Chinese espionage group called "Hafnium.” As a result, national authorities warned thousands of companies to quickly close the gap in their own Exchange servers as Microsoft released patches to fix the vulnerabilities in Exchange servers shortly after.

In this paper, we will clarify the temporal process: What happened? Could the attacks have been prevented?

On June 19, Australian Prime Minister Scott Morrison reported that businesses are targeted by a sophisticated, state-based cyber actor. In recent months, there has been a prominent increase in attacks targeting all levels of government, political organisations, the private sector, essential services, education, medical research and development. Other countries are also detecting a similar pattern. 

On the trail towards EDR

In our last blog post "Silent hacker attacks and the need for detection mechanisms" we talked about covert cyber attacks and the need for detection tools. Now we would like to present a typical Endpoint detection and response solution with its building blocks.

Again and again, we read about hacking incidents where attackers can spy on a company, an authority or a ministry and remain unnoticed for months without affecting the systems.

The Base Formula for Preventing Cyber Security Incidents 

From one of our previous post, "Coronavirus calls hackers to the scene", we are already informed about basic precautions and protection measures we must take when working from the home office.

As we brace ourselves to contain the spread of Covid-19 globally, it is of utmost importance for companies and enterprises to upkeep their business momentum in current challenging times. Increasingly, companies are encouraging employees to work from home to minimise physical contact. It is critical for endpoints to be well protected for employees to continue to be productive as they are working from home. However, the situation also presents opportunity for possible cyber security threats, malware attacks and social engineering to take place.

With over 36,000 attendees, 700 speakers, and 650 exhibitors, the RSA conference in San Francisco was a successful and rewarding event. The conference was attended by both boutique and well-known IT security firms from around the world.

What you need to consider when it comes to IT security to keep your systems virus-free.

In recent weeks, the coronavirus has become the main topic for the global population, health authorities, politicians and organisations. For hackers, the panic and hysteria caused by the situation provide a perfect opportunity to successfully distribute malware. Therefore, the virus topic meets all the requirements for a successful cyberattack. 

People require up-to-date information regarding the virus. TV, radio, online guides and news, newsletters or emails are all sources of information that are accessed by the public. 

Prevention, Detection and Response - Do You Have Gaps In Your Security Architecture? 

The importance of endpoint security continues to be prevalent in today's threat landscape as 70% of all breaches are found to have originated from the endpoint. More than 42% of endpoints experience encryption failures, 75% of organisations state their IT security team are not able to respond to security incidents aptly and quickly. Therefore Endpoint security plays a very significant role in securing your systems and data. It can prevent data loss, stop the execution of malware opened by negligent employees and protect against malicious traffic. 

The world of IT security is evolving in 2020, are we? 

Risk lies around every corner and should be expected at any time. In the world of IT, risk is inherently everywhere and comes in many shapes and forms. Consequently, the task of writing down all possible risks threatening an IT infrastructure can be daunting and never-ending.

The major strategic goal of cyber security in the digital age is to combat and mitigate data breaches. A company's data is its most valuable asset to protect.

In the last blog post "This is how IT security works with Zero Trust today" we talked about what Zero Trust is and the rationality behind it.

Why today's IT security architectures should be designed according to the ZERO TRUST model

by Alfred Ortiz, CEO of CyberSoftwareDistributors LLC and Doctoral Candidate in Information Systems at IE University in Madrid, Spain.  

In 2017, WannaCry Ransomware spread to 100 countries over a weekend. Don't expect patching to stop the business model of digital blackmail. Be prepared!

By Alma Pranoto

Picture by LaymanZoom | iStock

By Alma Pranoto

1. THE SHOCKING STATISTICS OF DATA BREACH

According to the IBM 2018 Cost of a Data Breach Study, it costs $3.86 million US to cover an average data breach. This cost will increase by 6.4% per year and the likelihood of a recurring breach over the next two years is 27.9%. 

                                                                                                                                                  Picture by Antonio Guillem

by Mohamad Ashokaibi

• CFO: “I've lost my USB thumb drive. Lots of important spreadsheets were there! Do something please!”
  
  
• Project Manager: “I’ve just used my USB external drive on a contractor’s laptop who said he never had an AV. Can I use it safely on the company’s laptop again?”
  
  
• Sales Lady: “Remember the USB drive the company has given me? Seems I dropped it in that taxi yesterday while on my way home. Could I ever know what I backed up on it before leaving the office?”
  
  
• Engineering Team Lead: “Since my colleague checked her SD card on my PC this morning I don’t seem to be able to open my project documents anymore. They all are unreadable. What could it be?”
  
  

• Risk Management Head: “We have a new requirement; all USB storage devices must be blocked inside our corporate network, except company-provided sticks which must be encrypted before use. Can we do that?”

                                                                                                                                                    Picture by nd3000 | iStock

by Mohamad Ashokaibi