Monday 12/11
Why Ransomware Actors Abuse Legitimate Software (CyberArk)
Abusing organizations’ existing enterprise tools can help attackers blend in while they’re doing reconnaissance, and also aids them with privilege escalation and persistence. Coupling this technique with ransomware as a service (RaaS) also lowers the bar to entry by eliminating the need for attackers to create malware – something that requires skills, resources and time.
https://www.cyberark.com/resources/blog/why-ransomware-actors-abuse-legitimate-software
Supercharge Your Operations: Unleash Maximum Efficiency with the Citrix Automated Configuration Tool! (Citrix)
The Citrix Automated Configuration Tool supports on-premises to on-premises migration with CVAD 2305 and more recent releases. Additionally, support for migrating zones is scheduled for general availability this month in the upcoming release.
https://www.citrix.com/blogs/2023/12/05/supercharge-your-operations-unleash-maximum-efficiency-with-the-citrix-automated-configuration-tool/
Tuesday 12/12
The Martian ft. Bryon Singh, RailWorks Corporation
https://www.gothamtg.com/blog/the-martian
Protecting identities: How ITDR Complements EDR and XDR to Keep Companies Safer (Proofpoint)
Because most security teams are finding it increasingly difficult to stop attackers as they use identity vulnerabilities to escalate privilege and move laterally across their organization’s IT environment, some of today’s newest tools focus on this middle part of the attack chain.
https://www.proofpoint.com/us/blog/identity-threat-defense/how-itdr-complements-edr-and-xdr
ZTNA over VPN Can Be a Good Place to Start Your Zero Trust Journey (Fortinet)
Zero-trust network access increases access security by performing user identity and device posture checks before granting explicit access to each application, and it continues to check both the user and device to ensure they remain connected to that application. This granular access control enables appropriate levels of control for the various applications in use, making it much more difficult for an attacker to get and maintain access to an application.
https://www.fortinet.com/blog/industry-trends/ztna-over-vpn-to-start-zero-trust-journey
Wednesday 12/13
November 2023’s Most Wanted Malware: New AsyncRAT Campaign Discovered while FakeUpdates Re-Entered the Top Ten after Brief Hiatus (Check Point)
Researchers reported on a new AsyncRAT campaign where malicious HTML files were being used to spread the stealthy malware. Meanwhile, downloader FakeUpdates jumped straight into second place after a short break from the top ten list.
https://blog.checkpoint.com/research/november-2023s-most-wanted-malware-new-asyncrat-campaign-discovered-while-fakeupdates-re-entered-the-top-ten-after-brief-hiatus/
Identity Threat Hunting: How CrowdStrike Counter Adversary Operations Is Leading the Charge (CrowdStrike)
CrowdStrike’s identity threat hunting capability brings together industry-leading expertise and modern technology to stop identity-focused attacks. Here’s how.
https://www.crowdstrike.com/blog/cao-identity-threat-hunting/
Thursday 12/14
Yesterday, Gotham employees packed 500 snack packs as part of the Center for Food Action's Weekend Snack Pack program. We're proud to support the fight against food insecurity this holiday season.
To learn more about CFA, visit their website:
https://www.cfanj.org/
Friday 12/15
IT Agility Delivered: Future-ready Storage Solutions to Meet Enterprise Data Growth (Pure Storage)
IT staff and business leaders need more IT agility. Pure Storage delivers it with an innovative storage solution that breaks the traditional storage life cycle once and for all.
https://blog.purestorage.com/solutions/future-ready-storage-solutions-to-meet-enterprise-data-growth/
FCC updates data breach rules, with consumers in mind (Recorded Future)
The FCC order will broaden the commission’s breach notification rules to include certain personally identifiable information belonging to customers that is held by telecommunications carriers and providers, according to a press release.
https://therecord.media/fcc-updates-data-breach-reporting-rules-telecom-carriers