Living off the land (LOL) malware attack techniques use legitimate operating system (OS) utilities already on targeted hosts to breach enterprises. This blog post provides non-technical folk an introduction to this challenge, including high-level pros and cons of some remedies.

Over reliance on detection technologies for mitigating malware risks negatively taxes enterprises in two ways: successful malware attacks and higher cyber operations costs. Here we look qualitatively at cyber operations costs to help answer the question: what would be alleviated if far more malware attacks were neutralized at the endpoint in real-time by adding non-detection protection capabilities.

Industry analysts say that enterprises rely solely or mostly on detection-based cyber defense technologies. Their reports also demonstrate why detection-based tools alone are not enough. This blog focuses explains why detection is missing the mark. It concludes with a brief introduction of what the enterprise needs and the steps to get it.

From the vendor: “Kaseya’s VSA product has unfortunately been the victim of a sophisticated cyberattack.” Hackers believed to be associated with the Russian threat group known as “REvil” exploited a SQL vulnerability and an authentication bypass to hijack the on-premise deployments of Kaseya VSA.

Everybody seems to be buying into the concept of doing more with less, but, how can we apply that to endpoint security? Apply zero trust principles WITHIN endpoints.

Applying zero-trust principles WITHIN endpoints will help enterprise cybersecurity programs shift their priorities to conform to the new realities of COVID-19.

Emotet is an advanced Trojan malware that first appeared in 2014.The malware mostly spreads by spam and phishing emails via infected attachments and embedded malicious URLs. Everyone is susceptible to Emotet, from individuals to major enterprises and organizations around the world.   According to an alert from the U.S. Department of Homeland Security, the advanced […]

In the digital world, it can be easy to lose sight of the emotional dimension of the operations we perform. This will only increase as AI becomes more dominant. Too many experts are expecting AI to address the risks that other cybersecurity tools have failed to fully vanquish. But as long as the human element remains, emotional intelligence will be an important part of an effective cybersecurity strategy.

Like antibiotic-resistant strains of bacteria give nightmares to medical epidemiologists, modular malware systems are doing the same to cyber defenders. New variations of modular malware are appearing weekly, if not daily. They are designed to target Linux and Windows Servers. Xbash, AdvisorsBot, and Marap are a few examples of a modular malware that doubled in […]

Google recently stated that none of its 80,000 employee accounts using their Titan Security Key has been compromised since deployment. This is because this hardware authentication device is a possession factor that cyber criminals cannot electronically steal as they do passwords. But, as great as this and like tools are, they are susceptible when the […]