Monday 5/3
State of Application Strategy 2021: Unpacking the Current and Future State of Application Security and Delivery* (F5)
The future of application security and delivery technologies is driven by digital transformation and the need to collect, analyze, and act on data to positively impact business outcomes. The future of business is digital, and that means applications—and the technologies that deliver and secure them—are the heart of business.
https://bit.ly/3uhBiOx
Between a Rock and a Hard Place: The IT Help Desk Manager’s Password Dilemma (CyberArk)
By layering cloud-based single sign-on (SSO) with adaptive multi-factor authentication (MFA), these teams can overcome pervasive password challenges and make sure users are who they say they are – while giving them fast, responsive and streamlined access to everything they need.
https://bit.ly/3nLQmSi
Tuesday 5/4
UNC2447 SOMBRAT and FIVEHANDS Ransomware: A Sophisticated Financial Threat (FireEye)
UNC2447 monetizes intrusions by extorting their victims first with FIVEHANDS ransomware followed by aggressively applying pressure through threats of media attention and offering victim data for sale on hacker forums.
https://bit.ly/2Rr0Rhr
New Variant of Buer Loader Written in Rust (Proofpoint)
In the associated campaigns, the emails purported to be from DHL Support. They contained a link to a malicious Microsoft Word or Excel document download that used macros to drop the new malware variant.
https://bit.ly/3vDOsWq
Wednesday 5/5
What’s new with Citrix Workspace – April 2021
In April, our team of Workspace engineers added some great new features to help secure modern applications and user endpoints.
https://bit.ly/3b0I0ko
Bait Boost: Phishers Delivering Increasingly Convincing Lures
Innovative twists on banking scams and corporate-account hunters wielding increasingly clever lures, including those with COVID-19 vaccine promises, are likely to dominate the spam and phishing landscape throughout Q2 2021, according to researchers.
https://bit.ly/2RocNAK
Thursday 5/6
Defense Is Still the Best Offense: Why Continuous Vulnerability Management Is Essential (CrowdStrike)
The rise of remote work, distributed teams and cloud-connected devices all have the propensity for increased exposures and need regular and consistent monitoring.
https://bit.ly/33kiWk9
What is C2? Command and Control Infrastructure Explained (Varonis)
The specific mechanisms vary greatly between attacks, but C2 generally consists of one or more covert communication channels between devices in a victim organization and a platform that the attacker controls.
https://bit.ly/3vMK6fS
Monday 5/10
US passes emergency waiver over fuel pipeline cyber-attack
A major cyberattack Friday closed one of the country’s primary gas pipelines, fueling concerns about the frequency and severity of cyberthreats. Gotham offers a wide array of products and services that help to keep us all safer.
https://bbc.in/3fbOTAR
How Attackers Use Compromised Accounts to Create and Distribute Malicious OAuth Apps (Proofpoint)
Microsoft realized in late 2020 that authenticating app publishers can play a vital role in helping to mitigate the malicious OAuth apps threat. So, it created the publisher verification mechanism to provide end users with a credibility factor on the application publisher.
https://bit.ly/3vRnmeD
Increase server scalability, reduce costs by optimizing Microsoft Teams (Citrix)
While other vendors have recently begun to optimize a unified communications client, Citrix has optimized Microsoft unified communications clients for years.
https://bit.ly/3bj8mhA
Tuesday 5/11
Half the World’s Malware is Now Encrypted (F5)
Organizations that do not have the resources to decrypt traffic packets may therefore be letting massive amounts of malware enter their networks. Without visibility into encrypted traffic, your organization’s assets may be vulnerable to malicious attacks such as command-and-control communications (and the resulting attacks) or data exfiltration.
https://bit.ly/3eCrZTT
Put Your Best Foot Forward: Secure MFA Starts with the First Step (CyberArk)
Since combined MFA and Single Sign-On (SSO) systems are often an organization’s gateway to Zero Trust, it’s important not to stumble on your way through it. This requires an understanding of the challenges inherent in MFA implementation — many of which aren’t always immediately apparent — and a clear sense of the long-term strategy for effectively anticipating and thwarting attacks.
https://bit.ly/3o4OgNt
Wednesday 5/12
Citrix Workspace App Security Update
A vulnerability has been identified that could result in a local user escalating their privilege level to SYSTEM on the computer running Citrix Workspace app for Windows. This vulnerability affects all supported versions of Citrix Workspace app for Windows but does not affect Citrix Workspace app on any other platforms.
https://bit.ly/33QbjlX
Wormable Windows Bug Opens Door to DoS, RCE
Microsoft’s May Patch Tuesday release addressed a modest 55 cybersecurity vulnerabilities, including just four critical bugs. It’s the smallest monthly update from the computing giant since 2020, but it does contain a patch for a concerning wormable vulnerability found in the Windows OS.
https://bit.ly/2RJYvKU
Thursday 5/13
April 2021’s Most Wanted Malware: Dridex Remains in Top Position Amidst Global Surge in Ransomware Attacks (Check Point)
Our latest Global Threat Index for April 2021 has revealed that for the first time, AgentTesla has ranked second in the Index, while the established Dridex trojan is still the most prevalent malware, having risen to the top spot in March after being seventh in February.
https://bit.ly/3eGWzfa
What Are Air Gaps and Are They Effective Data Security Strategies? (Pure Storage)
We should be making life hard for hackers—not easy. Thankfully, there’s an arsenal of technologies and architecture paradigms to do just that. One of these approaches is called “air gaps”—but are they a silver bullet for protection, backup, and restore?
https://bit.ly/3oe9mJb
Friday 5/14
Ransomware’s New Swindle: Triple Extortion
Now experts are warning against a new threat — triple extortion — which means that attackers are expanding out to demand payments from customers, partners and other third parties related to the initial breach to grab even more cash for their crimes.
https://bit.ly/3tPM9hA
Protecting Against Evolving Ransomware Attack Trends (Fortinet)
Ransomware leverages social engineering attacks, preying on fears as a way to execute malicious code on devices. With this in mind, cyber hygiene must start as a board-level conversation.
https://bit.ly/3uWvScH
Real-world Examples Of Emerging DNS Attacks and How We Must Adapt (Palo Alto Networks)
With 80% of malware using DNS to establish C2, it’s imperative that organizations monitor and analyze their DNS traffic.
https://bit.ly/3uSCOqI