The-Full-Attack-Chain
⚔️ The Full Attack Chain — Capstone Red Team Engagement Int...
CISA Admin Leaked AWS GovCloud Keys on Github
Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of internal CISA systems. Security experts said the public archive...
Who's Experimenting with AI Tools in Your Organization?
With the record-setting growth of consumer-focused AI productivity tools like ChatGPT, artificial intelligence—formerly the realm of data science and engineering teams—has become a resource available to every employee. From a productivity perspective, that's fantastic. Unfortunately for IT and...
What is Cracktivator software?
Cisco Talos coined the term "Cracktivator software" to reference counterfeit or modified software for pirated versions of Windows applications. One of our teammates, James Nutland, led the research to look into cracked versions of the Microsoft Windows operating system and other Microsoft...
How to Investigate an OAuth Grant for Suspicious Activity or Overly Permissive Scopes
From a user's perspective, OAuth works like magic. In just a few keystrokes, you can whisk through the account creation process and gain immediate access to whatever new app or integration you're seeking. Unfortunately, few users understand the implications of the permissions they allow when they...
Rapid7’s Mid-Year Threat Review
It will come as little surprise to most people that cyber threats in 2023 have been rather prolific. From widely exploited vulnerabilities to high-profile ransomware and extortion campaigns, the first half of the year has seen more than its fair share of large-scale incidents. Rapid7’s 2023...
The VM Lifecycle: How We Got Here, and Where We’re Going
Written in collaboration with Joel Ashman. The immutable truth that vulnerability management (VM) programs have long adhered to is that successful programs should follow a consistent lifecycle. This concept is simply a series of phases or steps that have a logical sequence and are repeated according...
Cyber Signals: Defending against cyber threats with the latest research, insights, and trends
We’re excited to introduce Cyber Signals, a cyber threat intelligence brief informed by the latest Microsoft threat data and research. This content, which will be released quarterly, offers an expert perspective into the current threat landscape, discussing trending tactics, techniques, and...
New insights on cybersecurity in the age of hybrid work
As we approach the last week of Cybersecurity Awareness Month, I think about what is top of mind for myself and my peers in security. The past year has continued the 2020s major shift in the way organizations operate. Recent data shows that 81 percent of enterprise organizations have begun the mo...
Ditch the Alert Cannon: Modernizing IDS is a Security Must-Do
After more than 20 years of underwhelming results, security leaders have accepted their intrusion detection system (IDS) programs as no more than a compliance checkoff. It’s no secret that IDS’s reliance on bi-modal signatures is brittle, easily evaded and often referred to as an “alert cannon.” Ti...
PonyFinal Ransomware Targets Enterprise Servers Then Bides Its Time
A Java-based ransomware known as PonyFinal has galloped onto the scene, targeting enterprise systems management servers as an initial infection vector. According to a warning on Twitter from Microsoft Security Intelligence on Wednesday, PonyFinal is not an automated threat, but rather has humans...
Qualys Cloud Platform 10.1.0 New Features
The upcoming release of the Qualys Cloud Platform VM, PC, version 10.1.0, includes several new features and enhancements in Qualys Cloud Platform and Qualys Policy Compliance. This release will also add support for new technologies in Qualys Policy Compliance for OCA. 10.1.0 is scheduled to go li...
Qualys Response to Rapid7’s False Claims on VMDR
As remote working is becoming the need of the hour, IT and Security teams are working tirelessly to ensure continuity of services and deliver on all aspects of the business. To help our customers in these challenging times, we launched a 60-day no-cost ‘Remote Endpoint Protection’ service for...
The Pentagon Hasn't Fixed Basic Cybersecurity Blind Spots
Five years ago, the Department of Defense set dozens of security hygiene goals. A new report finds that it has abandoned or lost track of most of them...
4 tried-and-true prevention strategies for enterprise-level security
Why is it that dentists advise people over and over to floss, yet so few do it? It only takes a minute of your time, yet if you’re running late or feeling tired, you may be tempted to skip it. That is until you remember your upcoming teeth cleaning appointment. There is nothing like the memory of...
Recommendations for deploying the latest Attack surface reduction rules for maximum impact
The keystone to good security hygiene is limiting your attack surface. Attack surface reduction is a technique to remove or constrain exploitable behaviors in your systems. In this blog, we discuss the two attack surface reduction rules introduced in the most recent release of Windows and cover...
How to Secure Your Mid-Size Organization From the Next Cyber Attack
If you are responsible for the cybersecurity of a medium-sized company, you may assume your organization is too small to be targeted. Well, think again. While the major headlines tend to focus on large enterprises getting breached – such as Sony, Equifax, or Target – the actual reality is that smal...
Defending Credentials From Automated Attack Tools
By Danny Wasserman. The folks on the Akamai Professional Services team are the people who help implement, configure, and tune the cloud security products that protect our customers' web applications from the daily onslaught of bots blasting login attempts against their websites, mobile apps, and...
China Chip Hack Shines Spotlight on Hardware and Supply-Chain Risk
Recent revelations in the press regarding hardware implants and supply-chain compromise are troubling and should be seen as an opportunity to assess our current threat model and security approach. This recently revealed situation is the hardware analogue to the software supply chain compromises w...