Security Monitoring

Microsoft: New analysis of Exchange Server vulnerabilities and cyberattacks

Microsoft has published new detailed analysis of Exchange Server vulnerabilities, cybercriminal groups and post-compromise second stage attack malware. In addition, the tech giant offered sound mitigation guidance.

Microsoft: New analysis of Exchange Server vulnerabilities and cyberattacks Read More »

CHIRP tool scans for signs of APT compromise associated with SolarWinds and Azure/M365 cyberattacks

The DHS CISA cybersecurity team just released a new tool dubbed CHIRP, a forensics collection tool designed to help network defenders scan for indicators of compromise (IOCs) associated with the SolarWinds Orion and Active Directory/M365 compromise and cyberattacks.

CHIRP tool scans for signs of APT compromise associated with SolarWinds and Azure/M365 cyberattacks Read More »

3 good examples of how to apply the Zero Trust Security Model

The National Security Agency (NSA) has released new guidelines on the Zero Trust Security Model, a coordinated system management strategy that removes implicit trust in any one system or service and assumes breaches will or have already occurred.

3 good examples of how to apply the Zero Trust Security Model Read More »

FireEye publishes Microsoft 365 tools and hardening strategies to defend against SolarWinds attackers

Security firm FireEye has published new Microsoft 365 tools and hardening strategies to defend against SolarWinds attackers, also known as UNC2452.

FireEye publishes Microsoft 365 tools and hardening strategies to defend against SolarWinds attackers Read More »

DHS warns businesses of risks using Chinese tech and data services

The United States Department of Homeland Security (DHS) has published a new advisory warning businesses of the risks using tech and data services linked to the People’s Republic of China (PRC).

DHS warns businesses of risks using Chinese tech and data services Read More »

Cyberattacks against machine learning systems and the new Adversarial ML Threat Matrix

In the wake of an increase in cyber attacks against machine learning (ML) systems, Microsoft along with MITRE and contributions from 11 other organizations, have released the Adversarial ML Threat Matrix.

Cyberattacks against machine learning systems and the new Adversarial ML Threat Matrix Read More »

BeagleBoyz cybercriminals launch “FASTCash 2.0” to rob banks

North Korea’s BeagleBoyz cybercriminals have launched an automated teller machine (ATM) cash-out scheme, known as FASTCash 2.0. Cyber experts from the U.S. government have detected the cyber activity over the past five years that led to nearly $2B loss to financial institutions around the world.

BeagleBoyz cybercriminals launch “FASTCash 2.0” to rob banks Read More »

FTC releases new video to help keep your small business safe from fraud

The Federal Trade Commission (FTC) has released a new video to help keep your small business safe from fraud. This is another video in a series of videos from the FTC Protecting Small Businesses playlist.

FTC releases new video to help keep your small business safe from fraud Read More »