Monday 9/30
Hybrid cloud environments are not safe from ransomware (ThreatDown)
The preferred way to move laterally from on-premises systems to cloud environments are stolen credentials for accounts that have access to both. They use the stolen credentials to gain control of the network, eventually creating persistent backdoor access to the cloud environment, and deploying ransomware to on-premises systems.
https://www.threatdown.com/blog/hybrid-cloud-environments-are-not-safe-from-ransomware/
The Dangers of Fileless Malware (Arctic Wolf)
Because fileless malware excels in evasion, the best defense against these kinds of attacks is to cut off their deployment methods and, if they manage to get into your environment, to stop them early.
https://arcticwolf.com/resources/blog/the-dangers-of-fileless-malware/
Tuesday 10/1
October is Cybersecurity Awareness Month! Gotham's Cybersecurity Practice Director, Steve Gold, provided some insight into possible attack vectors and credential security in our latest Ask the Experts webinar.
Click the link below to watch the full video.
https://lnkd.in/eQEdNvYA
Wednesday 10/2
What is Microsoft Purview?
As businesses adapt to an increasingly digital landscape, the need for efficient data management and protection has become a top priority. If your organization uses Microsoft 365, it’s worth understanding how Microsoft Purview can help you manage sensitive data and ensure compliance.
https://www.gothamtg.com/blog/what-is-microsoft-purview
Critical Access Controls: Ensuring Database Security (CyberArk)
Securing database access has become a critical concern for organizations globally. Your organization’s data is its most valuable asset, encompassing everything about your business, partners, customers and employees. A data breach could jeopardize your entire operation.
https://www.cyberark.com/resources/blog/critical-access-controls-ensuring-database-security
Top Cause of Incidents Resulting in Cyber Insurance Claims (Delinea)
Cyber insurance companies see business resiliency as the most effective way to minimize the overall financial impact on an organization. This is why we see many policies relating to ransomware-resilient backup and recovery strategies, priorities around incident response, and mitigation.
https://delinea.com/blog/top-cause-of-incidents-resulting-in-cyber-insurance-claims
Thursday 10/3
Reducing Cybersecurity Risks with NIST CSF 2.0 (Pure Storage)
Reducing cybersecurity risks and ensuring recoverability following an attack is critical for organizations today. The NIST CSF 2.0 lays out five functions for cybersecurity risk management.
https://blog.purestorage.com/perspectives/reducing-cybersecurity-risks-with-nist-csf-2-0/
Adaptive Threat Hunting | Adopting a Multi-Directional Approach (SentinelOne)
The evolution of adaptive threat hunting continues to deliver more ways of automating detection, investigation, and response processes. As these processes continue to integrate threat hunting, digital forensics, incident response, and security operations are converging into a more unified workflow.
https://www.sentinelone.com/blog/adaptive-threat-hunting-adopting-a-multi-directional-approach/
Friday 10/4
The Top 5 Largest Scale Intrusions in 2023 (Palo Alto Networks)
In previous years, social engineering tactics, like phishing, were the most common initial access vector. New technologies are shifting the landscape and changing the way threat actors approach their attacks.
https://www.paloaltonetworks.com/blog/2024/10/top-5-largest-scale-intrusions-in-2023/
Stay Safe This Prime Day: Check Point Identifies Rise in Phishing Attacks and Scam Emails (Check Point)
New research from Check Point Research (CPR) shows that over 100 different Prime-focused scam emails have been distributed to organizations and consumers in the past two weeks. A number of these emails impersonate Amazon Financial Services and request that consumers take action to update payment methods or similar.
https://blog.checkpoint.com/research/stay-safe-this-prime-day-check-point-identifies-rise-in-phishing-attacks-and-scam-emails/