Network Security

The Good | New Resources to Help Fight Ransomware Extortion and ransomware continue to be the top cyber security concern for many enterprises, not least as we see threat actors pushing into new areas such as targeting ESXi servers and exploiting known vulnerabilities to gain initial access. Good news then that CISA has launched two […]

In tandem with evolving business landscapes, cloud computing has emerged as a transformative force. The cloud’s ability to store, process, and deliver mass amounts of data and applications has made it the backbone of many modern businesses. Thanks to the cloud, many organizations have revolutionized the way they interact with information. Clouds offer scalability, flexibility,

It’s not everyday that an idea emerges from academia with the potential to disrupt existing approaches and technologies. That’s why S Ventures is excited about our recent investment in TileDB, a universal data platform that unifies all types of data (and associated code) along with the complex infrastructure surrounding that data into a single solution.

Starting on September 30, 2023, SentinelOne has observed actors exploiting the recently disclosed flaws in Progress’ WS_FTP against Windows servers running a vulnerable version of the software. The two highest severity vulnerabilities–CVE-2023-40044 and CVE-2023-42657–were assigned a CVSS score of 10 and 9.9, respectively. We observed at least three types of multi-stage attack chains, which begin

The LostTrust ransomware operation is a new multi-extortion threat that emerged in September 2023. Our analysis of LostTrust malware payloads indicates that the family is an evolution of SFile and Mindware, and that all three follow similar operations and tradecraft to MetaEncryptor. Similarities between the LostTrust leaks sites and the earlier MetaEncryptor leaks sites are

This week, Firefox users were urged to apply Mozilla’s latest updates against a critical flaw that could allow attackers to take control of affected systems. It follows hard on the heels of similar updates for Microsoft Edge, Google Chrome, and Apple’s Safari browser. All have been heavily impacted by an actively exploited vulnerability in the

The Good | CISA Launches Public Cyber Hygiene Campaign This week, CISA launched “Secure Our World”,  a new campaign aimed at improving the digital security of all by promoting awareness of cyber hygiene. As part of its wider Cybersecurity Awareness Program, the agency kicked off the campaign on Tuesday with a PSA promoting simple ways

Apple released macOS 14 Sonoma this week. Our review of the first beta back in June covers much of what Sonoma brings to Enterprise users and is worth reading as a preface to this post. Sonoma’s headline features are listed by Apple here, and for the first time, it has also stood up a separate

Check out the new Cisco Meraki MS130, MS130R, and Catalyst Meraki 9300 switches Read the full post.

The Good | New Working Group to Focus Efforts on Threats in Undermonitored Regions This week at the annual LABScon cybersecurity event, SentinelLabs launched a concerted effort against state-aligned cyber activities in areas like Africa and Latin America – regions that often receive less representation within the threat intelligence industry. Researcher Tom Hegel unveiled a