Threat Modeling with STRIDE
Threat Modeling is an essential framework for identifying, analyzing, and mitigating security threats. Today, we’re diving into a blog post that unpacks this concept and introduces us to STRIDE, a threat modeling system born at Microsoft. …
Identifying and Protecting Sensitive Data
In today’s data-driven world, organizations collect and store vast amounts of information. While this data can be invaluable for business operations and decision-making, it also presents a significant challenge: protecting sensitive data. Failing to identify and safeguard sensitive information can have severe consequences, including: Financial losses: Data breaches can cost organizations …
Lessons from an HTML Smuggling Ransomware Attack
An HTML smuggling attack that led to domain-wide ransomware, as reported by The DFIR Report, highlights the critical importance of robust cybersecurity measures. Traditional network-based security tools can fail to catch sophisticated attacks like these, leading to potentially disastrous consequences. With cyber threats evolving every day, it’s crucial to …
SEC’s New Cybersecurity Mandate
The Securities and Exchange Commission (SEC) recently adopted new regulations requiring public corporations to disclose any cybersecurity breaches that could affect their financial health within four days, except in cases where disclosure would pose significant national security or public safety risks. The regulations, which were passed in a 3-2 …
Data Leak at VirusTotal
In a recent cybersecurity incident, an employee’s error led to the inadvertent exposure of personal data related to a subset of VirusTotal’s registered customers. This data included names and email addresses, with the database comprising approximately 5,600 names housed in a 313KB file. VirusTotal, a service widely used to detect …
Intricate Cyber Espionage: The Microsoft Azure Active Directory Breach
A recent validation error in Microsoft’s Azure Active Directory (Azure AD) source code allowed threat actor Storm-0558 to forge tokens and breach 25 organizations. The attacker reportedly acquired an inactive Microsoft account (MSA) consumer signing key, using it to access various enterprise and consumer services. The key, initially intended only …
The Double-Edged Sword of Automation: Cybercriminals Now Craft Scams in Minutes
According to Group-IB, a leading cyber analyst group, the rapid pace of automation advancements has significantly shortened the time it takes for cybercriminals to orchestrate elaborate scams, reducing the process to a mere ten minutes. This alarming development is a stark reminder of how transformative technologies, while driving efficiency and …
APT Activity in Microsoft Exchange Online
The Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) recently released a joint Cybersecurity Advisory (CSA) after observing malicious activities in Microsoft 365 (M365) audit logs in a Federal Civilian Executive Branch (FCEB) agency. The advisory encourages agencies and critical infrastructure organizations to enhance their cybersecurity posture …
Law Firms Under Cyber Attack
Law firms are currently experiencing an alarming surge in cyberattacks, with five class-action lawsuits already filed this year. The firms are becoming a primary target due to the sensitive nature of the data they store, from employee personal data to proprietary client information, similar to …