Afternoon Cyber Tea: Revisiting social engineering: The human threat to cybersecurity

Most of us know ‘Improv’ through film, theatre, music or even live comedy. It may surprise you to learn that the skills required for improvisational performance art, can also make you a good hacker? In cybersecurity, while quite a bit of focus is on the technology that our adversaries use, we mus...

CVE-2020-5384

Authentication Bypass Vulnerability RSA MFA Agent 2.0 for Microsoft Windows contains an Authentication Bypass vulnerability. A local unauthenticated attacker could potentially exploit this vulnerability by using an alternate path to bypass authentication in order to gain full access to the system...

Paving the Path to Passwordless

Passwords seem to be the digital equivalent of the phrase, “can’t live with ’em, can’t live without ’em.” They’re supposed to protect sensitive information and data, but passwords can also be incredibly frustrating; you shouldn’t use the same one across the board, which means you probably have...

Prevent and detect more identity-based attacks with Azure Active Directory

Security incidents often start with just one compromised account. Once an attacker gets their foot in the door, they can escalate privileges or gather intelligence that helps them reach their goals. This is why we say that identity is the new security perimeter. To reduce the risk of a data breac...

E-Verify’s “SSN Lock” is Nothing of the Sort

One of the most-read advice columns on this site is a 2018 piece called "Plant Your Flag, Mark Your Territory," which tried to impress upon readers the importance of creating accounts at websites like those at the Social Security Administration, the IRS and others before crooks do it for you. A k...

Broad, Ongoing Cyberattacks Targeting Australia Underscore Need for Behavioral-Based Cybersecurity

On Friday the Australian Federal Government detailed sustained ‘copy-paste’ threats on government and business throughout the country. According to the Government: “‘Copy-paste compromises’ is derived from … heavy use of proof-of-concept exploit code, web shells and other tools copied almost...

Turn on MFA Before Crooks Do It For You

Hundreds of popular websites now offer some form of multi-factor authentication MFA, which can help users safeguard access to accounts when their password is breached or stolen. But people who don't take advantage of these added safeguards may find it far more difficult to regain access when thei...

Mitigating Credential Stuffing Attacks in the Financial Sector

If You Think Multi-Factor Authentication Prevents Credential Stuffing, Think Again! Financial services firms around the world are experiencing credential stuffing attacks at an alarming rate. Cybercriminals are using readily available automation tools, botnets, and compromised account credentials...

11 security tips to help stay safe in the COVID-19 era

The COVID-19 pandemic has changed our daily routines, the ways we work, and our reliance on technology. Many of us are now working remotely, students are attending classes virtually, and we’re relying more on social media and social networks to stay connected as we define what our new normal look...

Operational resilience in a remote work world

Microsoft CEO Satya Nadella recently said, “We have seen two years’ worth of digital transformation in two months.” This is a result of many organizations having to adapt to the new world of document sharing and video conferencing as they become distributed organizations overnight. At Microsoft, ...

Protect your accounts with smarter ways to sign in on World Passwordless Day

As the world continues to grapple with COVID-19, our lives have become increasingly dependent on digital interactions. Operating at home, we’ve had to rely on e-commerce, telehealth, and e-government to manage the everyday business of life. Our daily online usage has increased by over 20 percent...

Tales From the Trenches; a Lockbit Ransomware Story

ARCHIVED STORY Tales From the Trenches; a Lockbit Ransomware Story By ATR Operational Intelligence Team · APR 30, 2020 Co-authored by Marc RiveroLopez. In collaboration with Northwave As we highlighted previously across two blogs, targeted ransomware attacks have increased massively over the past...

Tales From the Trenches; a Lockbit Ransomware Story

ARCHIVED STORY Tales From the Trenches; a Lockbit Ransomware Story By ATR Operational Intelligence Team · APR 30, 2020 Co-authored by Marc RiveroLopez. In collaboration with Northwave As we highlighted previously across two blogs, targeted ransomware attacks have increased massively over the past...

Accessing Citrix Cloud using Multi-Factor Authentication

Requirements Existing Citrix Cloud Adminlogin credentials Should have set up Multi-Factor Authentication...

Microsoft Office 365 Security Recommendations

Summary As organizations adapt or change their enterprise collaboration capabilities to meet “telework” requirements, many organizations are migrating to Microsoft Office 365 O365 and other cloud collaboration services. Due to the speed of these deployments, organizations may not be fully...

Ransomware groups continue to target healthcare, critical services; here’s how to reduce risk

At a time when remote work is becoming universal and the strain on SecOps, especially in healthcare and critical industries, has never been higher, ransomware actors are unrelenting, continuing their normal operations. Multiple ransomware groups that have been accumulating access and maintaining...

Principles of a Cloud Migration – Security, The W5H – Episode WHAT?

Teaching you to be a Natural Born Pillar! Last week, we took you through the “WHO” of securing a cloud migration here, detailing each of the roles involved with implementing a successful security practice during a cloud migration. Read: everyone. This week, I will be touching on the “WHAT” of...

Defending the power grid against supply chain attacks: Part 3 – Risk management strategies for the utilities industry

Over the last fifteen years, attacks against critical infrastructure figure1 have steadily increased in both volume and sophistication. Because of the strategic importance of this industry to national security and economic stability, these organizations are targeted by sophisticated, patient, and...

Security guidance for remote desktop adoption

As the volume of remote workers quickly increased over the past two to three months, the IT teams in many companies scrambled to figure out how their infrastructures and technologies would be able to handle the increase in remote connections. Many companies were forced to enhance their capabiliti...

Enterprise VPN Security

Summary As organizations prepare for possible impacts of Coronavirus Disease 2019 COVID-19, many may consider alternate workplace options for their employees. Remote work options—or telework—require an enterprise virtual private network VPN solution to connect employees to an organization’s...