Articles by tag
Data Breaches and How to Prevent Them
Data breaches occur when a cyber attacker illegally accesses confidential information. Investing in cybersecurity awareness training and a detection response solution is the best prevention against a data breach. What Is a Data Breach? A data breach occurs when an unauthorized party accesses private data. Data breaches are most often intentional and part of a campaign by cybercriminals who work [...]
Handling Ransomware Attacks to Minimize Disaster
Ransomware attacks take place in two phases: access development, then monetization. Stopping cyber attacks while they are still intrusions, and not ransomed data, can prevent data privacy disasters. Cyber Crime Requires a Division of Labor Cyber attackers take a specialized approach to ransomware development. First, the attacker develops access to a target. Second, the attacker passes the access to ransomware [...]
Cyber Threat Research: Nuclear Power Plant Cyber Attack
In early September 2019, the Kudankulam Nuclear Power Plant in Tamil Nadu, India suffered a cyber intrusion. On September 3, a local security expert and former member of the Indian signals intelligence agency received a tip that there had been a malware attack and informed the Indian CERT on September 4. Mission Critical Systems Affected by Cyberattack The attack was [...]
Cybersecurity: The Need To Find Common Ground
According to Colonial Pipeline CEO Tim Felt, paying ransom for the return of his company’s data was the hardest thing he had to do. However, the ransom represented less than two days of revenue, based on $1.3B generated by Colonial Pipeline in 2020. Unmanaged System Leaves Colonial Exposed The source of the breach was a virtual private network (VPN) account for a system that was supposedly no longer in use. Unfortunately, the VPN was [...]
The Basics: Secure Software Development
Secure Software Development Lifecycle (SSDLC) is an approach to software development that emphasizes the value of security at every phase of product development. What is Secure Software Development Lifecycle? Secure Software Development Lifecycle (SSDLC) is a collection of best practices focused on adding security to software development. By taking a security-first approach from requirement gathering through to product release, [...]
CYDEF to Scale Beyond 1 Million Endpoints
CYDEF solution testing with CENGN establishes business capacity to grow beyond 1 million endpoints. CYDEF Identifies Opportunities to Scale at Cost Over the course of 6 months, CYDEF collaborated with Canada’s Centre of Excellence in Next Generation Networks (CENGN) to establish the capacity of its cybersecurity solutions. By partnering with CENGN, CYDEF proved that its architecture scales successfully beyond 100,000 devices. With this knowledge, CYDEF has developed [...]
Living Off the Land – Not Just for Advanced Threats
When people discuss the latest attack techniques, they often assume that these techniques are the exclusive prerogative of sophisticated attackers. However, these attacks are democratized very quickly. To illustrate this, this week we will analyze software classified as "potentially unwanted" that uses a chain of "living off the land" techniques to avoid being blocked by AVs. Living off what exactly? [...]
Living-Off-the-Land Attacks: The Democratization of Cyber Threats
Cyber attacks are not the exclusive realm of sophisticated attackers. These attacks get democratized very quickly. To illustrate this point, we’ll review a potentially unwanted program (PuP) that uses a clever living-off-the-land attack chain to avoid getting blocked. Living-Off-the-What-Now? A living-off-the-land (LoL) attack uses the resources that are already present on a computer to perform malicious actions. Rather than loading additional software on the victim device, LoL attacks craftily repurpose resources to launch an [...]
Tracking Cyber Risks
Tracking cyber risks requires a detailed investigation to understand how a network was compromised and what data was exposed to attackers. The following article explains how CYDEF investigates cyber risks using our proprietary tool, SMART-Monitor. 2020: Ending with a Sudden Surge of Breaches In the final months of 2020, global networks were flooded by a wave of breaches. Our CYDEF clients experienced a similar rise, which we tracked using our key product SMART-Monitor. The following article details the actions taken by our team of analysts [...]
Tracking Cyber Exposure
Tracking cyber exposure requires detailed investigation to understand how a network has been breached and what data has been exposed to attackers. The following post explains how CYDEF investigates cyber exposure using our proprietary tool, SMART-Monitor. 2020: Ending with a Surge of Breaches In the final months of 2020, global networks were inundated by a surge of breaches. Our CYDEF [...]