Monday 4/8
Improving Detection and Response: Making the Case for Deceptions (Proofpoint)
How can you find and stop attackers more quickly? The answer lies in your approach. Let’s take a closer look at how security teams typically try to detect attackers. Then, we can better understand why deceptions can work better.
https://www.proofpoint.com/us/blog/identity-threat-defense/deception-technology-better-for-threat-detection-response-than-honeypots
The Continuing Rise of Remote Code Execution (Arctic Wolf)
Once an attacker successfully exploits an RCE vulnerability, they can potentially take complete control over the target system, allowing them to steal sensitive data, disrupt operations, or launch further attacks.
https://arcticwolf.com/resources/blog/the-continuing-rise-of-remote-code-execution/
Tuesday 4/9
Mr. Anderson ft. Bryon Singh, RailWorks Corporation
https://www.gothamtg.com/blog/mr-anderson
Attackers Find Your Session Cookies Irresistible (Check Point)
Cookies also represent an opportunity for attackers, who can steal them to conduct a range of illicit activities. For your organization’s SaaS applications, this can lead to the theft or misuse of sensitive data, unauthorized transactions, and much more.
https://blog.checkpoint.com/security/attackers-find-your-session-cookies-irresistible/
Cracking the Code: A Comprehensive Guide to Secrets Detection (Cycode)
Secrets detection is essential. Secrets are the key to controlling access to confidential systems, authenticating resources, and building secure applications. They’re also an attractive target for malicious actors who seek out secrets to exploit them. We’ve seen this in recent secret-related breaches that affected Microsoft and Uber.
https://cycode.com/blog/a-comprehensive-guide-to-secrets-detection/
Wednesday 4/10
URLocked Out: How Attackers Use The Web to Host and Deliver Ransomware (Palo Alto Networks)
Now in 2023, the Unit42 team has discovered that URLs have emerged as the number one method for ransomware delivery, accounting for nearly 77% of attacks. This comes as no surprise given how much organizations rely on the web for day-to-day productivity, causing attackers to use it as their main vector for cybercrime.
https://www.paloaltonetworks.com/blog/network-security/urlocked-out-ransomeware-cybercrime/
The Storage Architecture Spectrum: Why “Shared-nothing” Means Nothing (Pure Storage)
Learn more about the diverse spectrum of storage architectures and their tradeoffs, and why Pure Storage products use the architectures they do. And just as important, why there is more to any product or platform than just architecture.
https://blog.purestorage.com/perspectives/the-storage-architecture-spectrum-why-shared-nothing-means-nothing/
Thursday 4/11
CISA Announces Malware Next-Gen Analysis
The Cybersecurity and Infrastructure Security Agency (CISA) announces today a new release of our malware analysis system, called Malware Next-Gen, which allows any organization to submit malware samples and other suspicious artifacts for analysis. Malware Next-Gen allows CISA to more effectively support our partners by automating analysis of newly identified malware and enhancing the cyber defense efforts.
https://www.cisa.gov/news-events/news/cisa-announces-malware-next-gen-analysis
CrowdStrike Extends Identity Security Capabilities to Stop Attacks in the Cloud (CrowdStrike)
While Microsoft Active Directory (AD) remains a prime target for attackers, cloud identity stores such as Microsoft Entra ID are also a target of opportunity. The reason is simple: Threat actors increasingly seek to mimic legitimate users in the target system.
https://www.crowdstrike.com/blog/identity-security-capabilities-stop-attacks-cloud/
Friday 4/12
Cookies Beyond Browsers: How Session-Based Attacks Are Evolving (CyberArk)
The main advantage of session-based attacks for the attackers is that because they happen after the authentication phase and the user is already validated, they can bypass MFA and other security controls applied at the login stage.
https://www.cyberark.com/resources/blog/cookies-beyond-browsers-how-session-based-attacks-are-evolving
Unified SASE: The Third Era of Network Security (Fortinet)
Network security has undergone several cycles of evolution over the past couple of decades, especially as new features have been added or consolidated into a platform. Today, network security has begun its third era of growth—but where did it all begin?
https://www.fortinet.com/blog/industry-trends/unified-sase-the-third-era-of-network-security