How are user credentials stolen and used by threat actors?

Youve no doubt heard the phrase, "Attackers dont hack anyone these days. They log on." By obtaining or stealing valid user account details, an attacker can gain access to a system, remain hidden, and then elevate their privileges to "log in" to more areas of the network. Unfortunately, the use of...

Rapid7 Belfast Recognized for “Company Connection” During COVID-19 Pandemic

Irish News has recognized Rapid7 in its Workplace and Employment Awards, where we’ve taken home the trophy for Best Company Connection. Reflecting on the past two years, this award recognizes the organization that best demonstrates how it has adapted its workplace well-being strategy to the...

Difference Between Agent-Based and Network-Based Internal Vulnerability Scanning

For years, the two most popular methods for internal scanning: agent-based and network-based were considered to be about equal in value, each bringing its own strengths to bear. However, with remote working now the norm in most if not all workplaces, it feels a lot more like agent-based scanning ...

Router security in 2021

A router is a gateway from the internet to a home or office — despite being conceived quite the opposite. Routers are forever being hacked and infected, and used to infiltrate local networks. Keeping this gate locked so that no one can stroll right through is no easy task. It is not always clear...

CVE-2022-31024

The CVE-2022-31024 issue affects Nextcloud richdocuments (Collabora) where federated shares can cause a user to edit against a remote Office by default (iframe-based exploitation). Root cause: federation setup allows instructing a user’s editing session to target a different server. Affected vers...

8 Ways to Avoid CISO Burnout

Times have changed In recent years the job of Chief Information Security Officer CISO has become more and more frenetic and involved. Already stretched CISOs have the added responsibilities of employee management in a time of a global pandemic, staff retention when priorities have changed and...

COVID Does Not Spread to Computers

"…well, of course!" is what you might think. It's a biological threat, so how could it affect digital assets? But hang on. Among other effects, this pandemic has brought about a massive shift in several technological areas. Not only did it force numerous organizations - that up to now were...

Cyber Signals: Defending against cyber threats with the latest research, insights, and trends

We’re excited to introduce Cyber Signals, a cyber threat intelligence brief informed by the latest Microsoft threat data and research. This content, which will be released quarterly, offers an expert perspective into the current threat landscape, discussing trending tactics, techniques, and...

Not with a Bang but a Whisper: The Shift to Stealthy C2

As defensive tools have evolved to detect more and more traditional attack techniques, it should come as no surprise that attackers have shifted tactics. This ever-evolving arms race between offensive security toolsets, bespoke advanced persistent threat APT malware and the billion-dollar infosec...

What Are Your Top Cloud Security Challenges? Threatpost Poll

There are myriad reasons that organizations are moving en masse to the cloud: Digital transformation, the ability to be more agile, cost reduction, better collaboration and productivity, and, in these pandemic times, a better ability to support remote working. Cybercriminals are moving to the clo...

Strategy for the Office Anywhere

Organizations must deploy a remote working strategy that suits the office anywhere model CIOs need to demonstrate leadership as we move out of lockdown into a new model of working in which the office is wherever the employee is. It’s time to build on this initial success and embed a remote workin...

PSA: Widespread Remote Working Scam Underway

Ive just gotten off the phone with a victim of the scam that Im about to describe. This is impacting a lot of folks, so please do spread the word. Its infuriating. Ill be around to reply to your comments below, but please do not engage in victim-blaming, because until youve actually been hit by o...

Securing the Enterprise Network for the Office Anywhere

During the pandemic, it was reassuring to see businesses demonstrating resilience and enabling remote working for their employees — in some cases, practically overnight. As businesses slowly reopen their doors, it is clear that many things have changed, key amongst them the increasing risks to th...

Russian-speaking cybercrime evolution: What changed from 2016 to 2021

Experts at Kaspersky have been investigating various computer incidents on a daily basis for over a decade. Having been in the field for so long, we have witnessed some major changes in the cybercrime worlds modus operandi. This report shares our insights into the Russian-speaking cybercrime worl...

Zero Trust Requires Cloud Data Security with Integrated Continuous Endpoint Risk Assessment

Every once in a while, an industry term will get overused by marketing to the point of becoming a cliche. "Zero Trust" may have reached this threshold. In some ways, we understand why this is happening. Security perimeters have become obsolete as people use mobile devices and cloud applications t...

Combat attacks with security solutions from Trustwave and Microsoft

This blog post is part of the Microsoft Intelligent Security Association guest blog series. Learn more about MISA. In 2021, cyberattacks and instances of ransomware demands against companies, agencies, and institutions have dominated the headlines. These kinds of attacks are on the rise and often...

How to spot a DocuSign phish and what to do about it

Phishing scammers love well known brand names, because people trust them, and their email designs are easy to rip off. And the brands phishers like most are the ones youre expecting to hear from, or wouldnt be surprised to hear from, like Amazon or DHL. Now you can add DocuSign to that list...

Friends Reunion Anchors Video Swindle

The second quarter saw a rise in entertainment lures for fraud and phishing, including one campaign capitalizing on the buzz around “Friends: The Reunion.” Researchers at Kaspersky found fake sites supposedly hosting video for the much-anticipated special episode of the popular sitcom, according ...

Once Again, Rapid7 Named a Leader in 2021 Gartner Magic Quadrant for SIEM

Rapid7 is elated for InsightIDR to be recognized as a Leader in the 2021 Gartner Magic Quadrant for Security Information and Event Management SIEM. This is the second consecutive time our SaaS SIEM—InsightIDR—has been named a Leader in this report. Access the full complimentary report from us her...

Cloud vs on premises: 3 reasons the Cloud is winning

Thanks to the vast rollout of COVID-19 vaccines to millions of people in the US and Europe, some of us are finally seeing some semblance of a return to normalcy. And organizations, who have experienced first-hand the struggle to stay afloat during months of struggle, are expecting to transition...