Blogs

Read the full article in this link. Microsoft: Russian malware hijacks ADFS to log in as anyone in Windows (bleepingcomputer.com) Microsoft has found a new malware APT29 (a.k.a. NOBELIUM, Cozy Bear) that allows anyone in a compromised network to authenticate. As a state-sponsored cyberespionage actor, APT29 uses the new capability to conceal its presence on the networks of its targets,Read more

Cyber criminals use new Windows malware to backdoor to attack organizations Read the full article on this website. Cyber criminals use new Windows malware to backdoor govt, defense orgs (bleepingcomputer.com) To spread PortDoor malware, cyber criminals utilised spear phishing emails containing confidential information about the targeted firms and malicious code exploiting the CVE-2017-11882 Microsoft Office vulnerability. In the latter stagesRead more

Once a company sees the "handwriting on the wall" and starts the underwriting process for cyber insurance, they quickly find out that the insurance company underwriters have done their homework and are now questioning perspective customers if they have Multi-Factor-Authentication in place. Many cyber insurance questionnaires are also specifically asking what categories of users are protected. (i.e. Company Administrators, Employees,Read more

Billions and Billions Served used to be the number of burgers served up by McDonald’s, but in the last couple of years it has become a pretty accurate tag line for user credentials. The stats here are essentially irrefutable. 2/3 of account take-overs result from exploiting weak or stolen credentials. Billions of credentials have been stolen from multitudes of on-lineRead more