Articles by tag

Handling Ransomware Attacks to Minimize Disaster

Ransomware attacks take place in two phases: access development, then monetization. Stopping cyber attacks while they are still intrusions, and not ransomed data, can prevent data privacy disasters. Cyber Crime Requires a Division of Labor Cyber attackers take a specialized approach to ransomware development. First, the attacker develops access to a target. Second, the attacker passes the access to ransomware [...]

August 16, 2021 | Categories: Blog, Technical

Cybersecurity: The Need To Find Common Ground

According to Colonial Pipeline CEO Tim Felt, paying ransom for the return of his company’s data was the hardest thing he had to do. However, the ransom represented less than two days of revenue, based on $1.3B generated by Colonial Pipeline in 2020. Unmanaged System Leaves Colonial Exposed The source of the breach was a virtual private network (VPN) account for a system that was supposedly no longer in use. Unfortunately, the VPN was [...]

July 27, 2021 | Categories: Blog, Business

5 Reasons Technological Debt Increases the Risk of Cyber Attack

Failing to keep software and hardware up-to-date can put your business at risk for cyber attacks. The following issues frequently leave businesses exposed to cyber threats and vulnerabilities. The Culprits Behind Technological Debt Most technological debt is unintentional, the by-product of efforts to save money and resources. This focus inadvertently derails cybersecurity by shifting resources away from critical infrastructure and [...]

July 21, 2021 | Categories: Blog, Business

2021 Mid-Year Review

As we have just passed the first half of 2021, I decided to review the top 5 threats we detected during this 6-month period. Every quarter, we produce trend reports for certain clients. To do so, we dig into our incident database to generate statistics. One of our [...]

July 15, 2021 | Categories: Blogue

2021 Mid-Year Threat Review

As the first half of 2021 comes to a close, I decided to look back at the top 5 threats we detected during this 6-month period. Every quarter, we produce trend reports for some clients. To do so, we dig back in our incident database to generate reports. One of our clients (who doesn’t receive a lot of alerts; they [...]

July 15, 2021 | Categories: Blog, Technical

Moral Hazard of Cyber Insurance 

Cyber insurance is not a replacement for harm prevention measures. The prices are high and will continue to go up. Here’s why. While doing research for a customer about trends you can expect for 2021, I found a number of outlets warning that the cyber insurance market was hardening with rises in premiums. Should we expect this trend to continue or will premiums stabilize? If [...]

April 28, 2021 | Categories: Blog, Technical

macOS Coverage: Is It Worth It?

With CYDEF’s recent coverage expansion to the macOS platform, we need to address the value of cybersecurity protection for Macs. After all, aren’t Macs completely impervious to security threats? The answer is no, of course. So why is the question "Do I need Malware Protection for Mac?" so popular? This post will start by covering the security advantages of the [...]

April 12, 2021 | Categories: Blog, Technical

Monitoring for Insider Threat  

Insider threat incidents account for 34% of data breaches. CYDEF’s detection capabilities are not limited to external cyber attacks. They are also valuable detection controls that detect unusual activity on the inside of an organization. What is Insider Threat? Cybersecurity is focused on keeping malicious attackers out of business systems. But what if the malicious attacker is already inside the business, with access [...]

March 30, 2021 | Categories: Blog, Business

Phishing Campaigns Bypass Reputation Engine

The team at CYDEF observed an increasing proportion of phishing attempts that leverage trusted sites to bypass filtering resources. The following post addresses some of the detected campaigns and addresses security awareness programs. Phishing Off the River In recent posts we took an in-depth look at anti-virus bypass, especially living-off-the-land techniques. The general concept of these techniques is that, by abusing trusted resources, an attacker can capitalize on the trusted resource’s good reputation to execute malicious code. [...]

March 16, 2021 | Categories: Blog, Technical

Medical Practices: A Steady Target for Cyber Attack

Medical practices are falling prey to cyberattacks at an exponential rate. Some outlets report that medical data is 10 times more likely to be targeted than banking information. Medical Practices: A Steady Target for Cyber Attack The more than 85% of physicians relying on electronic medical records, and approximately 1 million active physicians in the United States (not including nurse [...]

March 15, 2021 | Categories: Blog

Medical Practices: A Constant Target for Cyberattacks

Medical practices are falling prey to cyberattacks at an exponential rate. Some media outlets report that medical data is 10 times more likely to be targeted than banking information. Medical Practices: A Constant Target for Cyberattacks The more than 85% of physicians who rely on electronic medical records and approximately 1 million active physicians in the United States (not counting [...]

March 15, 2021 | Categories: Blog, Blogue

Living-Off-the-Land Attacks: The Democratization of Cyber Threats

Cyber attacks are not the exclusive realm of sophisticated attackers. These attacks get democratized very quickly. To illustrate this point, we’ll review a potentially unwanted program (PuP) that uses a clever living-off-the-land attack chain to avoid getting blocked. Living-Off-the-What-Now? A living-off-the-land (LoL) attack uses the resources that are already present on a computer to perform malicious actions. Rather than loading additional software on the victim device, LoL attacks craftily repurpose resources to launch an [...]

March 2, 2021 | Categories: Blog, Technical