Cybersecurity Archives

Staring at the Sun: Thoughts on UNC2452, SUNBURST, SolarWinds and Road Ahead

Cyber- Photokeratitis Some Thoughts On The Events Associated with UNC2452 Like many who have worked in the threat research & intelligence, forensics, and incident response space some time, when I became aware of FireEye’s public breach disclosure earlier this month (09 DEC 2020), it gave me pause. FireEye is without question a global leader in the development and acquisition of technology, services, and intelligence (e.g., Mandiant, iSIGHT Partners, etc.,). Few can or would debate that and even fewer would debate the organization’s knowledge and understanding of the threat landscape. During my time at...

Lower the Price Tag of a Data Breach with Threat Intelligence

Context, Uncategorized

Detecting and containing a data breach takes the better part of a year, approximately 280 days, for the average organization, according to IBM’s 15th annual Cost of a Data Breach Report, Unfortunately, the longer it takes to identify a breach, the bigger the price tag of the overall breach lifecycle. This year’s report found that more than half (52%) of breaches are the work of malicious actors. Of those, 13% of breaches are reportedly caused by nation state attackers.The findings also revealed that more attackers are using compromised credentials and leveraging...

How Auditors Can Make Compliance Programs More Effective

Context, Uncategorized

When conducting an audit of your cybersecurity plans, it’s important to reassess risk and evaluate whether established policies and procedures are both effective and actionable. To aid in cyber compliance, CSO Online said the updated compliance guidelines issued by the Department of Justice, “has particular relevance to the cybersecurity practices of organizations when it comes to, for example, data breach and other security-related lawsuits.” Essentially, the document outlines how to assess, “whether a particular compliance program works in practice.” Toward that end, the guidelines pose three questions that every compliance...

Broken Security Promises and the Big Threat from Smaller Partners

Context, Uncategorized

When two companies are directly connected to each other, they need to believe that the other is doing all it can to shore up its defenses. What happens, though, when the relationship between two companies is distinctively different and imbalanced because of size. Enterprises, while often the target of sophisticated actors, have a sizable IT and security budget that allows them to build defense in depth. That’s not always the case for small businesses, which leaves them vulnerable to cyberattacks. The US Small Business Administration recently reported, “88% of small business...

Human Fallibility: A Threat that Flows Through Your Entire Downline

Context, Uncategorized

Earlier this year Dark Reading published a six part series, “Cybersecurity and the Human Element: We’re All Fallible,” in which the authors examined common mistakes of end users as well as the potential repercussions of human error. All signs supported their claim that we are indeed all fallible. Human beings are vulnerable to exploitation, but security practitioners know this. Thus, it's not really human beings that are the problem. The greater threat is that when attackers are successful through this vector, malware can infiltrate the network and hide out completely...

Ransomware Gangs Continue to Shame Victims

Context, Uncategorized

Everyone has something to hide. The beauty of that truth for hackers is that even if they don’t know their target’s dirty little secrets, they know that no one wants their secrets exposed. The mere threat of being publicly shamed may be enough to make some victims pay. Businesses, though, don’t have personal secrets. They have customer data and intellectual property, which they are responsible for protecting. So when the malicious actors operating the Maze Ransomware launched “Maze News” in November, they may have seen a spike in the number of...

An Unfair Advantage: Empowering the Cybersecurity Executive in Uncertain Times

Context

With nation-state grade cyber warfare becoming the norm, CISOs need to expand their toolbox. A next gen solution might be the answer....

Compromise Intelligence: The Realization of a Decades-Old Promise

Context

We can now move from the realm of the indicator of compromise or attack to Evidence of Compromise (EOC) resulting in real, actionable Compromise Intelligence....

Cybersecurity Tag

Staring at the Sun: Thoughts on UNC2452, SUNBURST, SolarWinds and Road Ahead

Lower the Price Tag of a Data Breach with Threat Intelligence

How Auditors Can Make Compliance Programs More Effective

Broken Security Promises and the Big Threat from Smaller Partners

Human Fallibility: A Threat that Flows Through Your Entire Downline

Ransomware Gangs Continue to Shame Victims

An Unfair Advantage: Empowering the Cybersecurity Executive in Uncertain Times

Compromise Intelligence: The Realization of a Decades-Old Promise

Contact Us

Recent Insights

Staring at the Sun: Thoughts on UNC2452, SUNBURST, SolarWinds and Road Ahead

U.S. Hackers have likely “gone to ground”

‘Most pristine espionage effort’ in modern history right under the US’s nose

TD Ameritrade – SolarWinds – Karim Hijazi’s Cybersecurity notes

About Prevailion