Hackers Exploiting Popular Document Publishing Sites for Phishing Attacks

Threat actors are leveraging digital document publishing DDP sites hosted on platforms like FlipSnack, Issuu, Marq, Publuu, RelayTo, and Simplebooklet for carrying out phishing, credential harvesting, and session token theft, once again underscoring how threat actors are repurposing legitimate...

4 Steps to Creating a Powerful Research Lab for Reverse Engineering

However, manual lab setup and configuration can prove to be a laborious and time-consuming process. In this article, we'll look at 4 ways to create a reverse engineering lab, discuss how to save time, and, potentially, improve the detection rate using a sandbox-as-a-service, and a recommended lis...

Microsoft Zero Trust solutions deliver 92 percent return on investment, says new Forrester study

In the last two years, we’ve seen a staggering increase in the adoption of cloud-based services, remote work solutions, bring your own device BYOD, and IoT devices as organizations digitally transform themselves to enable a hybrid workforce.1 Zero Trust has become the essential security strategy...

Microsoft Zero Trust solutions deliver 92 percent return on investment, says new Forrester study

In the last two years, we’ve seen a staggering increase in the adoption of cloud-based services, remote work solutions, bring your own device BYOD, and IoT devices as organizations digitally transform themselves to enable a hybrid workforce.1 Zero Trust has become the essential security strategy...

New insights on cybersecurity in the age of hybrid work

As we approach the last week of Cybersecurity Awareness Month, I think about what is top of mind for myself and my peers in security. The past year has continued the 2020s major shift in the way organizations operate. Recent data shows that 81 percent of enterprise organizations have begun the mo...

New insights on cybersecurity in the age of hybrid work

As we approach the last week of Cybersecurity Awareness Month, I think about what is top of mind for myself and my peers in security. The past year has continued the 2020s major shift in the way organizations operate. Recent data shows that 81 percent of enterprise organizations have begun the mo...

NetIQ Access Manager Denial of Service Vulnerability

NetIQ Access Manager provides a simple, secure and scalable solution to handle all your web access needs. Whether your users are accessing on-premise or cloud-based services using a cell phone or laptop, Access Manager is secure and provides a single sign-on experience.A denial-of-service...

Zero Trust Adoption Report: How does your organization compare?

From the wide adoption of cloud-based services to the proliferation of mobile devices. From the emergence of advanced new cyberthreats to the recent sudden shift to remote work. The last decade has been full of disruptions that have required organizations to adapt and accelerate their security...

Zero Trust Adoption Report: How does your organization compare?

From the wide adoption of cloud-based services to the proliferation of mobile devices. From the emergence of advanced new cyberthreats to the recent sudden shift to remote work. The last decade has been full of disruptions that have required organizations to adapt and accelerate their security...

Forcepoint and Microsoft: Risk-based access control for the remote workforce

This blog post is part of the Microsoft Intelligence Security Association MISA guest blog series. Learn more about MISA here. Adopting cloud-based services as part of an organization’s digital transformation strategy is no longer optional, its a necessity. Last year, only 18 percent of the...

Cybercrime Moves to the Cloud to Accelerate Attacks Amid Data Glut

Cybercriminals are embracing cloud-based services and technologies in order to accelerate their attacks on organizations and better monetize their wares, researchers have found. This is largely driven by cybercriminals who sell access to what they call “clouds of logs,” which are caches of stolen...

CrimeOps of the KashmirBlack Botnet – Part I

Introduction Being in a research team exposes us to a variety of attacks on different platforms, of different types, scope, and volume. It also gives us the opportunity to select particularly interesting attacks that target our customers and to analyze them. This blog will give you a taste of the...

Cybersecurity Firm Imperva Discloses Breach

Imperva, a leading provider of Internet firewall services that help Web sites block malicious cyberattacks, alerted customers on Tuesday that a recent data breach exposed email addresses, scrambled passwords, API keys and SSL certificates for a subset of its firewall users. Redwood Shores,...

ACSC Releases Advisory on Password Spraying Attacks

The Australian Cyber Security Centre ACSC has released an advisory on password spraying attacks. Password spraying is a type of brute-force attack in which a malicious actor uses a single password against targeted user accounts before moving on to attempt a second password, and so on. This...

Edge DNS Secondary Implementation: Order or Operations for NS Zone & Registrar Records

Akamai's Edge DNS service provides cloud-based, authoritative domain services to thousands of organizations. Edge DNS is the most widely deployed cloud DNS service pushed to the edge of the Internet. Every organization must protect their domain name. Akamai originally built Fast DNS now Edge DNS ...

Hanwha Techwin Smartcam Remote Code Execution Vulnerability

Hanwha Techwin Smartcam is a series of security surveillance cameras based on cloud-based services. A remote code execution vulnerability exists in Hanwha Techwin Smartcam. An attacker can exploit this vulnerability to achieve remote code execution...

Hanwha Techwin Smartcam Unencrypted Remote Control and Communication Vulnerability

Hanwha Techwin Smartcam is a series of security surveillance cameras based on cloud-based services. Hanwha Techwin Smartcam has unencrypted remote control and communication methods. A detailed vulnerability description is not available at this time...

Hanwha Techwin Smartcam Remote Password Change Vulnerability

Hanwha Techwin Smartcam is a series of security surveillance cameras based on cloud-based services. A remote password change vulnerability exists in Hanwha Techwin Smartcam. An attacker can exploit this vulnerability to remotely change a password...

Hanwha Techwin Smartcam Buffer Overflow Vulnerability

Hanwha Techwin Smartcam is a series of security surveillance cameras based on cloud-based services. Hanwha Techwin Smartcam suffers from a buffer overflow vulnerability that can be exploited by an attacker to cause a denial of service...

Hanwha Techwin Smartcam Authentication Bypass Vulnerability

Hanwha Techwin Smartcam is a series of security surveillance cameras based on cloud-based services. An authentication bypass vulnerability exists in Hanwha Techwin Smartcam. An attacker can exploit the vulnerability to bypass authentication...