In this blog post, we delve into the notable trends that have been shaping the cyber landscape over the past month. With the conflict between Israel and Hamas dominating the news cycle, we look at how this is currently impacting cybersecurity, and provide updates on ransomware and other cybercrime activity to help security leaders stay […]
Power meets simplicity with the Catalyst Meraki 9300 Read the full post.
New Switches for Turbocharged Employee Experiences Read More »
Threat hunting encompasses a range of techniques and approaches aimed at discovering anomalies, threats, and risks associated with attacker activities. In the early days, log review by diligent system administrators was how these anomalies were detected, usually after the fact. This evolved into more structured methodologies created by security experts that attempted to identify these
A Modern Approach to Adaptive Threat Hunting Methodologies Read More »
Last week saw Apple update XProtect to version 2173 with new rules for Atomic Stealer and Adload. As we have noted previously, Apple’s defenses for the Mac have been evolving of late, with increased attention on remediation and some prototype behavioral rules that appear to still be in testing mode. However, 2023 to date has
macOS Malware 2023 | A Deep Dive into Emerging Trends and Evolving Techniques Read More »
The Good | New Resources to Help Fight Ransomware Extortion and ransomware continue to be the top cyber security concern for many enterprises, not least as we see threat actors pushing into new areas such as targeting ESXi servers and exploiting known vulnerabilities to gain initial access. Good news then that CISA has launched two
The Good, the Bad and the Ugly in Cybersecurity – Week 41 Read More »
In tandem with evolving business landscapes, cloud computing has emerged as a transformative force. The cloud’s ability to store, process, and deliver mass amounts of data and applications has made it the backbone of many modern businesses. Thanks to the cloud, many organizations have revolutionized the way they interact with information. Clouds offer scalability, flexibility,
Understanding Cloud Workload Protection (CWP) In Under 10 Minutes Read More »
It’s not everyday that an idea emerges from academia with the potential to disrupt existing approaches and technologies. That’s why S Ventures is excited about our recent investment in TileDB, a universal data platform that unifies all types of data (and associated code) along with the complex infrastructure surrounding that data into a single solution.
Starting on September 30, 2023, SentinelOne has observed actors exploiting the recently disclosed flaws in Progress’ WS_FTP against Windows servers running a vulnerable version of the software. The two highest severity vulnerabilities–CVE-2023-40044 and CVE-2023-42657–were assigned a CVSS score of 10 and 9.9, respectively. We observed at least three types of multi-stage attack chains, which begin
Threat Actors Actively Exploiting Progress WS_FTP via Multiple Attack Chains Read More »
The LostTrust ransomware operation is a new multi-extortion threat that emerged in September 2023. Our analysis of LostTrust malware payloads indicates that the family is an evolution of SFile and Mindware, and that all three follow similar operations and tradecraft to MetaEncryptor. Similarities between the LostTrust leaks sites and the earlier MetaEncryptor leaks sites are
This week, Firefox users were urged to apply Mozilla’s latest updates against a critical flaw that could allow attackers to take control of affected systems. It follows hard on the heels of similar updates for Microsoft Edge, Google Chrome, and Apple’s Safari browser. All have been heavily impacted by an actively exploited vulnerability in the
Beyond the WebP Flaw | An In-depth Look at 2023’s Browser Security Challenges Read More »
