Monday 10/23
Another InfoStealer Enters the Field, ExelaStealer (Fortinet)
InfoStealer malware exfiltrates data belonging to corporations and individuals that can be used for blackmail, espionage, or ransom. Despite the number of infostealers in the wild, ExelaStealer shows there is still room for new players to emerge and gain traction.
https://bit.ly/3s28AFw
Are You Sure Your Browser is Up to Date? The Current Landscape of Fake Browser Updates (Proofpoint)
Fake browser updates refer to compromised websites that display what appears to be a notification from the browser developer such as Chrome, Firefox, or Edge, informing them that their browser software needs to be updated. When a user clicks on the link, they do not download a legitimate browser update but rather harmful malware.
https://bit.ly/48YP6Ct
Tuesday 10/24
3 Ways the Threat Landscape Is Changing (Palo Alto Networks)
In the face of these evolving dynamics, how can organizations stay ahead of adversaries? It starts with understanding a set of pivotal cybersecurity focal points. Learn more about the biggest trends impacting today’s cybersecurity landscape and the primary areas of concern for fortifying your security posture.
https://bit.ly/46ENMmw
Considering Passwordless? Here’s How to Do It (CyberArk)
Passwordless authentication offers a better user experience and improved productivity by providing a more seamless sign-in experience. It also increases security by eliminating password-related risks.
https://bit.ly/3Mjjv4z
Wednesday 10/25
Microsoft Attack Simulation
Many corporations have adopted mandatory training programs that aim to educate employees and test their ability to identify and respond to suspicious emails. In this blog post, we will explore the effectiveness of user training and how Microsoft Attack Simulation can be a valuable tool in this endeavor.
https://www.gothamtg.com/blog/microsoft-attack-simulation
PSA: New VMware vCenter Vulnerability
VMware has evaluated the severity of this issue to be in the Critical Severity Range with a maximum CVSSv3 base score of 9.8. The write vulnerability could allow a malicious actor to execute remote code.
https://www.gothamtg.com/blog/psa-new-vmware-vcenter-vulnerability
IT’s 4 Biggest Risks and How to Build Resilience against Them (Pure Storage)
IT departments face risks and challenges on a daily basis. Here are the four most common IT risks and how your organization can build resilience against them.
https://bit.ly/3Q9wozs
Thursday 10/26
IoT and OT malware saw a huge rise in 2023
Malware attacks against Internet of Things (IoT) and Operational Technology (OT) devices have increased four-fold in a year as criminals demonstrate persistence and the ability to adapt to evolving conditions, new research has claimed.
https://bit.ly/40bTWrT
Five Reasons Why Legacy Data Loss Prevention Tools Fail to Deliver (CrowdStrike)
With U.S. data breach costs averaging a staggering $4.45 million last year, organizations need a way to better secure their data as cloud adoption accelerates and IT environments evolve.
https://bit.ly/3tQrzU7
Friday 10/27
This Message Will Self Destruct.. ft. Bryon Singh, RailWorks Corporation
https://www.gothamtg.com/blog/this-message-will-self-destruct
Four Real-Life Financial Service Attacks Paths (XM Cyber)
Understanding attack paths helps us understand how attackers compromise critical assets across on-prem and hybrid cloud networks. Following are four real-life attack paths we found and remediated within networks in the financial sector.
https://bit.ly/3ShjKB9
ICYMI: Gotham Technology Group was joined by experts from Citrix and Nutanix to share a real-life success story of how one organization received a vastly superior EUC Digital Workspace experience at a significantly lower cost by deploying Citrix DaaS on Nutanix Cloud Infrastructure.
https://www.youtube.com/watch?v=0YjKq1fGrKg