This Week in Technology

By Eric Corcoran
Posted in Technology Week in Review
On June 28, 2024

Monday 6/17

5 Things to Do First During a Ransomware Attack (Pure Storage)

Knowing the challenges you’ll face first and the immediate steps you can take during the early stages of an attack can help minimize loss, cost, and risk.

https://blog.purestorage.com/perspectives/a-6-point-plan-for-the-during-of-a-data-breach/

Triage Your Cloud Security: Risk Prioritization Methods (CyberArk)

Effective risk prioritization requires a nuanced understanding of risk dynamics and a strategic, adaptive approach. Organizations can use a combination of security control-based and identity/persona-based approaches to enhance their resilience against evolving cyberthreats while optimizing resource allocation and effort.

https://www.cyberark.com/resources/blog/triage-your-cloud-security-risk-prioritization-methods

Tuesday 6/18

How to Recognize and Defend Against Malicious Insider Threats (Proofpoint)

The average cost of a data breach by a malicious insider is the highest of any attack vector at $4.9 million, which is 9.6% higher than the global average. Unlike accidental misuse by well-meaning insiders, malicious insiders make a conscious choice to do something that they know they shouldn’t.

https://www.proofpoint.com/us/blog/insider-threat-management/how-recognize-malicious-insider-threat-motivations

Introducing MCS Image Management (Citrix)

Image Management allows prepared images to be used as a single source across multiple machine catalogs, bringing both version management and logical grouping to Citrix MCS. With the Image Management feature, administrators can generate prepared images in advance, significantly reducing the provisioning time needed to create or upgrade existing catalogs.

https://www.citrix.com/blogs/2024/06/17/introducing-mcs-image-management/

Wednesday 6/19

Danny Ocean ft. Bryon Singh, RailWorks Corporation

https://www.gothamtg.com/blog/danny-ocean

Ransomware Roundup – Shinra and Limpopo Ransomware (Fortinet)

The Shinra ransomware was first submitted to a publicly available file-scanning service in April 2024. The threat actor steals victims' data before deploying and running its ransomware malware to encrypt files. The ransomware is also designed to delete Volume Shadow Copies to inhibit system recovery.

https://www.fortinet.com/blog/threat-research/ransomware-roundup-shinra-and-limpopo-ransomware

Thursday 6/20

Meeting the Need for Speed in the SOC (CrowdStrike)

Stopping adversaries requires a next-gen SIEM designed for real-time detection, blazing-fast search and maximum efficiency.

https://www.crowdstrike.com/blog/need-for-speed-soc/

The Evolution of QR Code Phishing: ASCII-Based QR Codes (Check Point)

Like many QR code phishing attacks, the email is built around a re-authentication request. But the QR code has ASCII characters behind it, which could lead security systems to ignore it and think it’s a clean email.

https://blog.checkpoint.com/harmony-email/the-evolution-of-qr-code-phishing-ascii-based-qr-codes/

How To Defend Against the Rise of BEC Attacks (Arctic Wolf)

The fact is, BEC attacks are taking over the cybercrime landscape. To be proactively prepared to defend against them, you’ll need to arm yourself with the latest information and insights into BEC tactics and trends.

https://arcticwolf.com/resources/blog/defending-against-business-email-compromise/

Monday 6/24

I Was Almost Hacked - A Cautionary Tale

https://www.gothamtg.com/blog/i-was-almost-hacked-a-cautionary-tale

New Citrix Features: Improve Resiliency and Minimize Downtime (Citrix)

Your resiliency is crucial to your success. Why? Because building a resilient environment enables your users to take advantage of highly available resources, no matter what is happening in your environment.

https://www.citrix.com/blogs/2024/06/20/new-citrix-features-improve-resiliency-and-minimize-downtime/

Cloud Migration Simplified: SaaS Secrets and PAM Strategy (CyberArk)

By taking a phased approach and adopting SaaS secrets management, organizations can reduce their cyber debt, enhance security and achieve their cloud transformation goals more efficiently while positioning the organization to adapt to future challenges with confidence and resilience.

https://www.cyberark.com/resources/blog/cloud-migration-simplified-saas-secrets-and-pam-strategy

Tuesday 6/25

May 2024’s Most Wanted Malware: Phorpiex Botnet Unleashes Phishing Frenzy While LockBit3 Dominates Once Again (Check Point)

Researchers uncovered a campaign in which the Phorpiex botnet was used to spread ransomware through millions of phishing emails. Meanwhile, the Lockbit3 Ransomware group has rebounded after a short hiatus, accounting for one-third of published ransomware attacks.

https://blog.checkpoint.com/research/may-2024s-most-wanted-malware-phorpiex-botnet-unleashes-phishing-frenzy-while-lockbit3-dominates-once-again/

3 Crucial Capabilities for Effective Cloud Detection and Response (CrowdStrike)

As organizations adopt more cloud applications and services, they need a modern approach to detect, identify and block adversary activity in the cloud.

https://www.crowdstrike.com/blog/3-key-components-cloud-detection-response-solution/

Wednesday 6/26

The Growing Threat of Malware Concealed Behind Cloud Services (Fortinet)

Over the past month, FortiGuard Labs has been monitoring botnets that have adopted this strategy, abusing cloud services to enhance their malicious capabilities. These botnets, such as UNSTABLE and Condi, have been observed leveraging cloud storage and computing services operators to distribute malware payloads and updates to a broad range of devices.

https://www.fortinet.com/blog/threat-research/growing-threat-of-malware-concealed-behind-cloud-services

Thursday 6/27

Misdirected Email: A Common and Costly Issue That’s Easy to Fix (Proofpoint)

Misdirected email happens all the time—and it’s difficult to stop with traditional tools. These errors are not usually flagged by standard rule-based data loss prevention (DLP) products. That leaves users solely responsible for ensuring that their emails are always sent to the intended recipients.

https://www.proofpoint.com/us/blog/email-and-cloud-threats/misdirected-emails-easy-costly

The Intertwined Journey of Regulatory Compliance and Cloud Data Security (Zscaler)

As businesses embrace the benefits of multicloud platforms, they must simultaneously navigate a complex web of regulations aimed at protecting sensitive data and ensuring compliance.

https://www.zscaler.com/blogs/product-insights/intertwined-journey-regulatory-compliance-and-cloud-data-security

Friday 6/28

Leverage Platformization – Strengthen, Unify and Simplify Cybersecurity Tools (Palo Alto Networks)

This rapid growth in security products has created complexity that makes it difficult to achieve desired security outcomes. Increasingly, security-conscious enterprises are turning to platformization to drive better security outcomes and simplify operations.

https://www.paloaltonetworks.com/blog/2024/06/platformization-unified-platforms/

Five Reasons Why Multicloud Snapshot Technology (MST) for Disaster Recovery is a Game Changer (Nutanix)

With MST, you will be able to offload entity snapshots, which do not require steady-state perpetual compute nodes, to object storage (e.g. S3 bucket). MST protected workloads can be recovered using on-demand compute nodes, which are deployed only during DR events.

https://www.nutanix.com/blog/5-reasons-why-multicloud-snapshot-technology-for-disaster-recovery-is-game-changer