Monday 10/24
Recognizing, Reporting, and Preventing Phishing (Fortinet)
What’s especially concerning as we look back at the first half of 2022 is that the number of new ransomware variants we identified increased by nearly 100% compared to the previous six-month period.
https://bit.ly/3z92nI2
Passwords still dominate, and are causing headaches for everyone
Password-spraying attacks relying on lists of millions of passwords leaked in the past decade, are on the rise, making MFA one of the most effective mitigations. But SMS MFA is low-hanging fruit for hackers now that MFA has become more widely adopted.
https://zd.net/3TxPzDi
Tuesday 10/25
Engineer a secure future in Industry 4.0 (Citrix)
Today’s manufacturer isn’t short of challenges. Supply chain disruptions and labor shortages are just some of the obstacles it must address. Another is the ever-increasing risk of a cyberattack.
https://bit.ly/3gCS74z
Playing Hide-and-Seek with Ransomware, Part 1 (CrowdStrike)
As enclaves are increasingly adopted to enable confidentiality-preserving applications, numerous researchers, including CrowdStrike, have asked the question of whether enclaves could be leveraged by ransomware authors to evade detection and ensure the decryption key cannot be retrieved by the victim after a successful attack.
https://bit.ly/3DuF2TR
Wednesday 10/26
SaaS Risk Report Reveals Exposed Cloud Data is a $28M Risk for Typical Company (Varonis)
While cloud data doesn’t involve grappling with nature or razor-sharp teeth, SaaS does represent a significant risk. Your cloud apps offer attackers a vast attack surface, and hackers seemingly discover new ways to trick your users into sharing sensitive information daily.
https://bit.ly/3TWVDVL
Eight Phishing Prevention Steps for Business (CyberArk)
Part of our job as defenders is arming workforce users with the knowledge and skills to thwart phishing attempts. Another is thinking like an attacker, recognizing that someone will slip up, think a phony call is legit, get fatigued by too many MFA prompts or be tricked by some novel phishing tactic.
https://bit.ly/3SBXPB1
Thursday 10/27
Rethinking Disaster Recovery with Simplicity Part 1 of 3 (Pure Storage)
In talking to storage administrators, we’ve found that since DR is critical for business risk management, they have to succumb to available approaches. But disaster recovery doesn’t need to be a complicated use case. It can be simple and user-friendly.
https://bit.ly/3SGnGI0
Create Automated Workflows with Pre-Built Playbooks (CrowdStrike)
CrowdStrike Falcon Fusion is an extensible framework built on the Falcon Platform that allows the orchestration and automation of complex workflows. These workflows can be used to simplify tasks, accelerate response time, and save valuable time for security teams.
https://bit.ly/3f7hnjd
Friday 10/28
The Need for Phishing-Resistant Multi-Factor Authentication (Okta)
Security companies and adversaries continue to play a cat-and-mouse game in which new security techniques are countered by newer and more ingenious attack vectors.
https://bit.ly/3gNeWme
10 Most Common Types of Malware Attacks (Arctic Wolf)
There are multiple kinds of malware, and attackers are continually investing in more complex, harder-to-detect versions. Now is the time to take proactive steps to protect your organization.
https://bit.ly/3TLn3yp