Access to Office365 is controlled by a User Principal Name (UPN) and a password. These credentials give regular users access to Office 365 services, including Exchange, SharePoint, OneDrive, Teams, and more. User credentials can be set via Azure Active Directory, or an on-premise Active Directory Domain Controller, if you are using a hybrid setup. Either way, were an attacker to gain access to one of your user accounts, even if … Read more
Conti ransomware first appeared on the scene in May 2020. What differentiates this strain of ransomware from other strains is the speed at which it is able to encrypt files and spread to different systems. Conti ransomware also uses a “double-extortion” technique, which not only encrypts the victims’ data and demands payment but also takes copies of the victims’ data, which the attackers will expose or sell if the victim … Read more
In this episode of our popular podcast series CISO Talks, we met up with Rueven Aronashvili, the founder and CEO of CYE – experts in organizational cyber-security and risk assessments. Before that, Rueven worked at one of the co-founders of the Israel Defense Forces “Red Team” unit, helping to spot and address cybersecurity vulnerabilities presented by attackers. Rueven has seen a lot in his career, and many of the specific … Read more
The Zero Trust security principle is centered around the presumption that everything and everyone within your IT environment is potentially malicious, hence the phrase “never trust, always verify!”. The Zero Trust model runs counter to the traditional moat-castle approach, which presumes that the “bad guys” are on the outside, and the goal is to prevent them from getting in. The Zero Trust security principle is centered around the presumption that … Read more
Over the last decade, the topic of cybersecurity has become increasingly more relevant. After all, in 2020, we saw a total of 37 billion records compromised, a 141% increase compared to 2019. In response to the rising number of data breaches, Governments across the globe have been introducing stringent data privacy laws, which come with hefty fines for non-compliance. This has contributed to the rising costs associated with data breaches. … Read more
It is no secret that the majority of cyber-security incidents are, in some way or another, caused by negligent or malicious employees. In the context of developing a training program to minimize the likelihood of insider threats, we are only really interested in threats that are the consequence of employee negligence. After all, you can’t really train an employee to not act maliciously. Below are some examples of the types … Read more
Detecting insider threats can be tricky, especially as many of the indicators of an insider threat can be easily mistaken as normal user behavior. However, once you fully understand what an insider threat is, and you know the common methods and techniques that insiders might use to exploit your security, you’ll be able to identify the indicators far more easily. Insider Threat Motivations To understand what an insider threat looks … Read more
The purpose of a Security Information and Event Management (SIEM) solution is to aggregate and correlate event data from a wide range of devices, servers, peripherals, and applications, across your entire IT infrastructure, including any cloud platforms you use. SIEM solutions will help to detect anomalous network activity and identify trends that might be indicative of a security threat. What is a SIEM Solution? A SIEM solution will provide a … Read more
The PrintNightmare vulnerability enables attackers to execute remote code on our devices, and thus take control over them. It’s not entirely clear when the vulnerability was first discovered, although most literature on the subject states that it was discovered around June 2021, by the US Cybersecurity Infrastructure Security Agency. What is the PrintNightmare Vulnerability? The vulnerability exists on all devices running Windows 7 or higher. It resides in the Windows … Read more
As Governments across the globe introduce new and/or improved data privacy regulations, organizations must ensure that they have the necessary tools in place to demonstrate their compliance efforts to the relevant supervisory authorities. Due to various reasons, such as the increased adoption of cloud services and the increase in the number of employees working remotely, IT environments have become increasingly more distributed, which has led to a change in the … Read more
