Cybersecurity Weekly News Roundup
Posted in Miscellaneous

A Brief Weekly Review of Top Stories that Dominated the Cyberworld

By AMSAT Dec 24,2020

The outgoing week saw a handful of incidents rocking the cybersecurity landscape: a zero-day flaw that led to the hacking of 36 Al Jazeera staff’s cellphones; security flaws in Dell Wyse Thin clients; and the closure of Safe-Inet, Insorg VPN services by law enforcement agencies, to name just a few.

Here is a brief review of some of the noteworthy cybersecurity events in the week gone by.

At least 36 Al Jazeera employees’ iPhones hacked through zero-day flaw

At least 36 Al Jazeera journalists, producers, anchors, and executives, along with a journalist at London-based Al Araby TV, had their iPhones hacked using a zero-day vulnerability in the iOS iMessage app that required no user interaction.

Critical Flaws Exposed Dell Wyse Thin Client Devices to Attacks

Security experts revealed two critical security flaws they found in Dell Wyse Thin clients that could have let attackers remotely execute malicious code and access arbitrary files on compromised devices.

Law enforcement agencies shut down Safe-Inet, Insorg VPN services

Law enforcement agencies from the United States, Germany, France, Switzerland, and the Netherlands seized the web domains and server infrastructure of three VPN services that offered a safe haven for hackers to attack their victims.

Windows zero-day with bad patch gets new public exploit code

A few months ago, technology giant Microsoft issued a fix for a flaw in the Windows operating system that allowed attackers to escalate their privileges to kernel level on an affected machine.

TAGS

  • Cyber Crime

    Penetration Testing Vs. Red Teaming
    Posted in Miscellaneous

    What is Penetration Testing Vs. Red Teaming

    By AMSAT Nov 23,2020

    Although the terms are often used interchangeably, penetration testing and red teaming are two distinct things. So, what exactly is the difference between the two? In the blog below, we’ll try to help you learn more about the two terms and which one might be the best fit for your organization.

    Penetration Testing

    This is the practice of testing a computer system, network or web application to find security flaws that a cybercriminal can take advantage of. Penetration testing can be automated with software applications or carried out manually. A skilled penetration tester can detect where and how a threat actor might target you; how your defenses would fare; and what the possible scale of the breach would be.

    Penetration testing seeks to identify application-layer vulnerabilities, network- and system-level faults, and opportunities to compromise physical security barriers as well. In the multifaceted cybersecurity world, penetration testing has become mandatory for a majority of industries; in fact, in many it’s required by law. Even companies that think they don’t have any important information to defend could be at risk of someone seeking to take over the network, install malware, disrupt services, and more. With so many hackers out there, penetration testing keeps up with evolving technology.

    After all, your IT team develops, maintains, and supervises your security program on a daily basis. Regardless of how efficiently they do the job, though, they could benefit from an outsider’s perspective through third-party testing.

    Red Teaming

    Penetration testing seeks to discover as many flaws and configuration issues as it can, exploit them, and ascertain risk levels. One interesting way to view this is that pen testers are bandits, ready to tear and plunder at their own whim. By the same token, red teamers can be thought of as ninjas, stealthily planning complicated, measured, and intensive attacks. Red team operations have narrowed aims and a concurrent approach. They often involve a number of people, resources and time as they delve into the details to fully understand the realistic level of risk and flaws against an organization’s technology, human, and physical assets.

    Red teams are generally hired by companies with more developed or established security postures; however, this is not always the case. After doing penetration testing and fixing most flaws, these companies then find someone to come in and try again to access important information or break the defenses, in any conceivable way, from a number of perspectives. This calls for a team of security specialists focused on a specific target, preying on internal flaws by employing physical and electronic social engineering methods on the organization’s people, and taking advantage of physical weaknesses to gain access to the premises.

    Just like any hacker or threat actor, red teamers take their time, seeking to steer clear of detection. A red team assessment is a wide-ranging attack simulation conducted by highly skilled security consultants to identify physical, hardware, software, and human flaws; acquire a more accurate understanding of risk for an organization; and help deal with and correct all identified security flaws.

    TAGS

    • Penetration testing
    • Security Updates
    • red teamers
    • Red Teaming

      Five Key Risk Mitigation Strategies
      Posted in Miscellaneous

      Five Key Mitigation Strategies You Should be Aware of

      By AMSAT Nov 11,2020

      When a production team kicks off a new project, there are inherent risks connected to the project’s processes. Nevertheless, there are approaches that can help alleviate these risks and anticipate their repercussions. These approaches can be used to recognize, evaluate, and examine risks and any associated consequences.

      What is risk mitigation?

      Risk mitigation refers to the method of planning and developing approaches and options to decrease threats, or risks, to the objectives of the project. A project team might enforce risk mitigation tactics to recognize, oversee and assess risks and implications integral to executing a specific project, such as new product creation. The process also comprises the actions put into place to handle issues and impacts of those issues concerning a project.

      Five risk mitigation strategies with examples

      Appropriate risk mitigation involves first identifying potential risks to a project—like team turnover, product failure or scope creep—and then planning for the risk by implementing strategies to help alleviate or halt the risk. The following strategies can be used in risk mitigation planning and monitoring.

      1. Assume and accept risk

      This strategy can involve collaboration between teammates to spot the possible risks of a project and decide whether the effects of the recognized risks are acceptable. Teammates are also likely to recognize and assume the possible flaws posed by the risks, while identifying risks and associated implications. This approach is commonly used for detecting and understanding the risks that can impact a project’s productivity. The objective of this strategy is to bring these risks to the company’s attention, allowing everyone working on the project to have a shared understanding of the risks and implications involved.

      2. Risk avoidance

      The avoidance strategy presents the accepted and assumed risks and consequences of a project and presents opportunities for avoiding those accepted risks. One method of implementing the avoidance strategy is to plan for risk and then take steps to avoid it. For example, to mitigate risk on new product production, a project team may decide to implement product testing to avoid the risk of product failure before final production is approved. This can be performed in these two ways.

      • Risk to performance

      Mitigation of performance risks, such as inadequate resources to carry out the work, insufficient design or poor team dynamics, can let a project team recognize possible methods to steer clear of these types of risk circumstances that may cause issues with project performance. For example, a production team might test more robust product resources to avoid the risk of product failure with less durable resources.

      • Risk to schedule

      Avoidance of schedule implications can be achieved by recognizing issues that could arise and affect the timeline of the project. Vital deadlines, due dates and final delivery dates can be impacted by risks, such as being overly optimistic about the timeline of a project. The avoidance approach can help the project team strategize ways to avoid schedule conflicts. This can be done by creating a managed schedule that shows specific time allowances for planning, designing, and making changes as needed.

      3. Controlling risk

      Teammates are also likely to apply a control strategy when reducing risks to a project. This strategy works by considering risks recognized and accepted and then taking actions to decrease or remove the effects of these risks. The following examples highlight how control methods can be implemented for risk mitigation.

      4. Transference of risk

      When risks are identified and taken into account, mitigating the consequences through transference can be a viable strategy. The transference strategy works by transferring the burden of the risk and consequences to another party. This can present its own downsides, though, and when an organization applies this risk mitigation strategy, it should be in a way that is acceptable to everybody involved.

      5. Monitoring risk

      Supervising projects for risks and consequences involves watching for and recognizing any changes that can affect the impact of the risk. Production teams might use this approach as part of a standard project appraisal plan. Cost, scheduling and performance or output are all features of a project that can be supervised for risks that may emerge during completion of a project. For example, a finance team or budget committee can assess and review risks to cost by generating a reporting routine to outline each expense of the company. This approach works by letting teams constantly measure the budget and change any cost plans accordingly.

      TAGS

      • Cyber Crime
      • Security Updates
      • risk mitigation
      • Cyber Security

        All You Need to Know about Phishing 101
        Posted in Miscellaneous

        By AMSAT Nov 11,2020

        At a high level, phishing is trying to deceive people into doing something through an email that allows the cybercriminal to hack a target.

        What is phishing?


        When phishing is discussed, the emails that consumers receive are typically from someone mimicking a brand or an individual. For example, if the attacker’s objective is to get the user to click a link that leads to a suspicious website asking for personal information that helps them log in to the target’s bank account, the link could be anything from “click to reset your password,” to an email mimicking your loan officer asking you to “click to pay your late fees.”

        Another version of phishing is an email that contains malicious attachments. A common instance is an email purportedly from a mobile shipper telling users they have a bill past due and to open the attachment to view it. Once that infected document is opened, a few things can occur. There might be a link to a compromised site which may install ransomware on your computer or ask for your details. An automated message from the attacker disguised as a standard prompt may ask you to allow commands in the document, which then installs the threat on your machine. Otherwise, the document itself could hold an exploit, and you are likely to be infected if you simply open it.

        Phishing attack tactics

        We come across quite a few phishing emails impersonating financial institutions and cloud providers that specifically seek to steal user credentials. On the malware deployment side of things, you’ll see messages containing bills from your bank or mobile shipper. We’ve also come across phishing attacks mimicking law enforcement in the form of a court order or an unpaid fine. Generally, the strategies tend to revolve around a call to action with some kind of urgency to get recipients to click.

        A few years ago, a unique tactic was employed where attackers exploited a huge breach to carry out targeted phishing attacks. They used users’ leaked personal information to send phishing emails laced with individual details that made the message appear real. If you receive an email that contains information such as your full mailing address and your phone number, for instance, that email will appear reliable enough that you might be lured to click. Whenever these big breaches happen, it’s generally suspected that people’s information is later leveraged in these malicious attacks.

         

        What should users do to stay protected?


        Users need to put security above everything else. In fact, ensuring cybersecurity is extremely important for your home computers and devices as well as your systems at work. Attackers use the same tactics on ordinary consumers as they do on companies, so you can’t let your guard down when you leave your workplace. You’re a target regardless of your location, and keeping that in mind will help you make better security decisions.

        If you receive an email that appears too good to be true, it probably is. Here are some more actionable tips to keep in mind:

        • Trust, but confirm. If you get an email from an organization you do business with, call them instead of clicking on any links. This will help you verify whether the email is real without any possible harm. And if you’re one of the first people targeted in the phishing campaign, you could be helping the brand by notifying them that their name is being used maliciously.
        • Always create unique passwords for each personal account you need to log in to, particularly each bank account, and change them frequently.
        • Enable 2-factor authentication when it’s available.
        • Do not open attachments in emails from senders you are not familiar with.
        • Do not enable macros in document attachments received through email.
        • If in doubt, never give out your personal data.
        • Back up frequently and keep a fresh backup copy off-site.
        • Protect your computer with cutting-edge real-time security.

        TAGS

        • phishing attack
        • Security Updates
        • cybercriminal

          DNS Security Solution: Best Practices for Network Security
          Posted in Miscellaneous

          By AMSAT Nov 02,2020

          DNS attacks should always be treated as a top-priority, mission-critical concern. Should the DNS server go offline, reaching vital services and apps will not be possible. Therefore, taking DNS security seriously is very important. At the same time, following best practices is also necessary.

          DNS stands for Domain Name System. It plays a vital role in protecting us from dangerous data on the internet. Many consider it the very core of the internet. Now you may want to know what DNS does. DNS’s main goal is to provide you with complete access to your network activity. It helps you detect any suspicious activity and will help you deal with it as soon as possible.

          So, What Are the Uses of DNS?

          • It helps you gain visibility over your network activity and lets you see whether any suspicious activity is taking place.
          • It prevents DoS attacks (Denial of Service attacks).
          • It prevents a weaponized payload delivered through Domain Squatting or Domain Hijacking attacks.
          • It automatically lets data from a secured network pass through, as it already knows that the data is safe.

          DNS servers are hackers’ top priority. If your DNS server goes down, you will have no access to any data or service. DNS servers are hackers’ arch-nemesis. Hackers’ first and most important goal is to shut down the DNS servers. Companies should be investing in protecting their DNS servers with high-quality security features. Around 79% of companies faced DNS attacks and suffered great amounts of damage such as loss of business (29%), application downtime (82%), data theft (16%), and more.

          Protect Your Business from Data Theft Using DNS

          Data theft is one of the hardest cybercrimes to detect. Data theft is only detectable after the information has already gone through to the hacker. To prevent data theft in real time, DNS analytics are a requirement. This requires a feature of DNS known as DNS Transaction Inspection (DTI) to provide the detection of threats. Criteria are set and steps are taken to prevent any unknown source from stealing data from the business.

          Best Practices for DNS Security

          • Always make sure that DNS records all the activities taking place on the server. This will give you valuable information about where the malicious content is coming from and what its purpose is. DNS automatically detects if any trace is leading towards cache poisoning or malicious intent. Monitoring all of this makes sure you are aware of where the attack is from and how it is affecting your business.
          • DNS always stores clients’ information in a cache for future use. As all of your information is being stored in a cache, hackers can take advantage of this. They can steal this information and exploit it in any way possible. Always make sure to lock the DNS cache so that hackers cannot access it and steal your data. This works in such a way that if you lock the DNS cache the data inside it can only be accessed or changed before the expiry time of TTL (time to live).
          • There is a feature in DNS known as DNS filtering. DNS filtering blocks users from gaining access to malicious websites. It automatically rejects entry into the website if the user tries to access it or vice versa, as the DNS already knows that it is malicious. It immediately cuts off all the information going to the malicious website and does not send the DNS cache to the website.
          • Hackers will always find a way to steal your data. To avoid this, always keep the hackers on their toes by updating your DNS server regularly. This will result in the hackers not being able to gain access to your DNS server. If you update your DNS server regularly, better security features will be added to it, which will keep your DNS server safe and secure.
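
One way to act on the query logging and DNS analytics for data theft described above, as an added example (not code from the original article): a Python script that scans DNS query log lines and flags clients that repeatedly look up long, random-looking subdomains under one parent domain, a common sign of data being carried out inside DNS names. The log format, thresholds, IP addresses and domain names are assumptions constructed for this example.

```python
import math
from collections import Counter, defaultdict

# Constructed sample query log (not real traffic). Assumed line format:
#   <timestamp> <client IP> <query type> <query name>
SAMPLE_LOG = """\
2020-11-02T10:00:01Z 10.0.0.5 A www.example.com
2020-11-02T10:00:02Z 10.0.0.7 TXT k3v9x0q7m2z8b4n6c1j5hwtgyrfdes.t.badzone.example
2020-11-02T10:00:03Z 10.0.0.7 TXT sedfrygtwh5j1c6n4b8z2m7q0x9v3k.t.badzone.example
2020-11-02T10:00:04Z 10.0.0.5 A aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.example.org
2020-11-02T10:00:05Z 10.0.0.7 TXT kvxqmzbncjhtyfe3907284615wgrds.t.badzone.example
2020-11-02T10:00:06Z 10.0.0.8 A k3v9x0q7m2z8b4n6c1j5hwtgyrfdes.cdn.example.net
truncated-line-without-fields
2020-11-02T10:00:07Z 10.0.0.5 MX example.com
"""

# Thresholds are assumptions for this example; tune them against a baseline.
MIN_LABEL_LEN = 25   # encoded chunks tend to fill long labels
MIN_ENTROPY = 3.5    # bits per character; repetitive labels score far lower
MIN_HITS = 3         # suspicious lookups per (client, domain) before flagging


def shannon_entropy(text):
    """Return the Shannon entropy of text in bits per character."""
    if not text:
        return 0.0
    total = len(text)
    return -sum((n / total) * math.log2(n / total)
                for n in Counter(text).values())


def split_name(qname):
    """Split a query name into (parent domain, list of subdomain labels).

    The parent is taken as the last two labels, a simplification that
    ignores multi-label public suffixes such as co.uk.
    """
    labels = qname.rstrip(".").lower().split(".")
    return ".".join(labels[-2:]), labels[:-2]


def parse_line(line):
    """Return (client, qtype, qname), or None for a malformed line."""
    parts = line.split()
    if len(parts) != 4:
        return None
    return parts[1], parts[2], parts[3]


def looks_encoded(labels):
    """True if any subdomain label is both long and high-entropy."""
    return any(len(label) >= MIN_LABEL_LEN
               and shannon_entropy(label) >= MIN_ENTROPY
               for label in labels)


def find_exfil_candidates(log_text):
    """Flag (client, parent domain) pairs with repeated encoded-looking lookups."""
    hits = defaultdict(list)
    for line in log_text.splitlines():
        record = parse_line(line)
        if record is None:
            continue  # skip truncated or corrupt log lines
        client, _qtype, qname = record
        parent, sub_labels = split_name(qname)
        if looks_encoded(sub_labels):
            hits[(client, parent)].append(qname)
    findings = [{"client": c, "domain": d, "queries": len(q)}
                for (c, d), q in hits.items() if len(q) >= MIN_HITS]
    return sorted(findings, key=lambda f: f["queries"], reverse=True)


if __name__ == "__main__":
    for finding in find_exfil_candidates(SAMPLE_LOG):
        print(finding)
```

The single random-looking lookup from 10.0.0.8 and the long but repetitive label from 10.0.0.5 are not flagged, which shows why the check combines length, entropy and a per-client count instead of relying on any one of them.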

          For more information about DNS security, scroll through the infrastructure management on our website.

          TAGS

          • DNS Security Solution
          • Network Security
          • Data Theft

            What-is-Bot-Net
            Posted in Miscellaneous

            What is Botnet Attack? A brief overview of botnet

            By AMSAT Oct 13,2020

            There are many threats that can compromise your online privacy and security. A botnet is one such threat; it can use your computer to send spam to millions of users on the internet. Simply put, the botnet is an example of using good technologies for ulterior motives.

            A botnet is merely a string of connected computers synchronized together to carry out tasks such as maintaining a chatroom, or taking control of your computer. Also known as the linchpins of the internet, botnets perform several repetitive tasks to keep websites up and running. While a number of botnets are absolutely legitimate and maintain a seamless user experience on the internet, some of them are illegal and harmful, and it’s important for you to be aware of them.

            In most situations, botnets gain access to your computer through some piece of malicious code. In a majority of cases, your system is directly hacked, while other times hacking is done automatically.

            Why botnets are built

            Botnets are designed to grow and expedite a threat actor’s capability to perpetrate large-scale attacks. One individual or even a small team of cybercriminals can only conduct a limited number of activities on their local devices. Nonetheless, with little cost and a bit of time invested, they can obtain a slew of additional systems to leverage for more effective operations.

            How to prevent botnets

            Most people who get hit by botnets have no idea that their computer’s security has been compromised. But some simple precautions can prevent them from falling into the trap of malicious botnets seeking to undermine their or their organization’s security.

            There are a number of measures users can take to avoid botnet virus infection. Since bot infections typically spread through malware, most of these measures essentially focus on averting malware infections. Some of the recommended preventive practices include:

            • Software patches: Users must keep all software updated with security fixes.
            • Vigilance: All kinds of activities that put users at risk of botnet infections or other malware must be avoided. This includes opening emails or messages, downloading attachments, or clicking links from unreliable or unknown sources.
            • Network baselining: It’s important to monitor network performance and activity so that anomalous network behavior is apparent.
            • Anti-botnet tools: These tools provide botnet detection to enhance preemptive efforts by detecting and blocking bot viruses before infection takes place.

            TAGS

            • botnet
            • online privacy
            • security
            • bot viruses

              Week in review: What happened in the field of cybersecurity
              Posted in Miscellaneous

              By AMSAT Oct 9,2020

              Reports of vulnerability exploits, software releases, and a ransomware vaccine marked the outgoing week. Here is a brief review of news that dominated the cyberworld.

              New ransomware vaccine programs created

              A new ransomware vaccine program was developed that terminates processes that use Microsoft’s vssadmin.exe application to try to remove volume shadow copies. Windows can make copies of users’ system and data files every day and save them in Shadow Volume Copy snapshots.
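
The decision such a tool has to make before terminating anything, as an added example (not code from the original post or from the vaccine program it describes): a Python function that inspects process-creation events and flags command lines that invoke vssadmin to delete shadow copies, while leaving read-only uses such as listing them alone. The event fields, process names and PIDs are assumptions constructed for this example.

```python
import ntpath

# Constructed process-creation events (not real telemetry).
# The field names pid/parent/cmdline are assumptions for this example.
EVENTS = [
    {"pid": 4120, "parent": "explorer.exe",
     "cmdline": r'"C:\Windows\System32\vssadmin.exe" list shadows'},
    {"pid": 5312, "parent": "invoice_viewer.exe",
     "cmdline": r"vssadmin.exe Delete Shadows /All /Quiet"},
    {"pid": 5340, "parent": "invoice_viewer.exe",
     "cmdline": r'cmd.exe /c "C:\Windows\System32\vssadmin.exe delete shadows /for=C: /all"'},
    {"pid": 6001, "parent": "services.exe",
     "cmdline": r"C:\Tools\backup.exe --note delete-shadows-report"},
    {"pid": 6100, "parent": "cmd.exe", "cmdline": ""},
]

VSSADMIN_NAMES = {"vssadmin", "vssadmin.exe"}


def tokenize(cmdline):
    """Lower-case a Windows command line, drop quotes, split on whitespace."""
    return cmdline.replace('"', "").lower().split()


def requests_shadow_delete(cmdline):
    """True if the command line runs vssadmin with 'delete shadows'.

    vssadmin is matched by file name anywhere in the line, so a full path
    or a wrapping 'cmd.exe /c' does not hide it; other vssadmin
    subcommands (for example 'list shadows') are not flagged.
    """
    tokens = tokenize(cmdline)
    for i, token in enumerate(tokens):
        if (ntpath.basename(token) in VSSADMIN_NAMES
                and tokens[i + 1:i + 3] == ["delete", "shadows"]):
            return True
    return False


def flag_events(events):
    """Return (pid, parent) for every event that tries to delete shadow copies."""
    return [(event["pid"], event["parent"])
            for event in events
            if requests_shadow_delete(event.get("cmdline", ""))]


if __name__ == "__main__":
    for pid, parent in flag_events(EVENTS):
        print(f"pid {pid} (parent {parent}) attempts to delete shadow copies")
```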

               

              Microsoft accuses Iranian hackers of exploiting Zerologon flaw

               

              Tech giant Microsoft alleged that Iranian cybercriminals were exploiting the Zerologon vulnerability in several hacking campaigns. The company’s Threat Intelligence Center (MSTIC) was reported to have spotted the attacks.

              Google released Chrome 86 with security enhancements

              Search engine giant Google released Chrome 86 to the stable channel with many password and security-related enhancements and several new APIs for developers.

              Windows Error Reporting service exploited by hackers

              It was learnt that a new fileless attack method that exploits the Microsoft Windows Error Reporting (WER) service was the handiwork of an unidentified hacking group. Malwarebytes security researchers Hossein Jazi and Jérôme Segura said that the new “Kraken” attack was spotted on September 17.

              US seized domain names used by Iran for propaganda

              The United States said that it seized as many as 92 domain names that an Iran-linked actor was leveraging in a global disinformation drive. Four of the domains appeared to be authentic news outlets, but they were controlled by Iran’s Islamic Revolutionary Guard Corps (IRGC), the US alleged.

              TAGS

              • Cybersecurity
              • Ransomware
              • Vulnerability
              • hackers
