Training by security console

The notable shortage of cybersecurity specialists on the market in recent years has become particularly problematic in 2020. The pandemic, which has led to a widespread shift to remote working, has also highlighted the need to change security strategies at many companies. Even small firms have realized that the skills…

Collaboration tools from a security perspective

For many companies, the mass transition of staff to remote working created a need for new tools. Years of fine-tuning employee interaction mechanisms went down the drain overnight as IT departments scrambled to deploy market-ready collaboration solutions. These solutions aroused no less interest among cybercriminals, who smelled an opportunity to…

MontysThree: Industrial cyberspy

Our experts have found traces of activity of a new cybercriminal group that spies on industrial enterprises. The crooks are carrying out targeted attacks, using a tool that our researchers call MontysThree, looking for documents on victims’ computers. The group appears to have been active since at least as far…

Malware delivery through UEFI bootkit with MosaicRegressor

Recently, our researchers uncovered a sophisticated targeted attack aimed at diplomatic institutions and NGOs in Asia, Europe, and Africa. As far as we can determine, all of the victims were connected to North Korea in one way or another, whether through nonprofit activity or diplomatic ties. The attackers used a…

The Pied Piper of Hamelin and cyberweapons

Contrary to popular opinion, fairy tales and folk legends were not invented as entertainment, but to teach children (and adults) important lessons in an easy-to-understand form. Since time immemorial, storytellers have woven cybersecurity tips into their tales, hoping to make the Internet (which they foresaw) a safer place. For example,…

How cybercriminals launder money stolen from banks

For some cybercriminal groups, attacks on banks and other financial institutions are like an assembly line. Many people know tracing stolen funds is usually impossible, but not everyone knows why. A joint report by BAE Systems and researchers from the payment system SWIFT details how cybercriminals launder stolen money. Money…

How to fight delayed phishing

Phishing has long been a major attack vector on corporate networks. It’s no surprise, then, that everyone and everything, from e-mail providers to mail gateways and even browsers, use antiphishing filters and malicious address scanners. Therefore, cybercriminals are constantly inventing new, and refining old, circumvention methods. One such method is…

Survey on industrial cybersecurity in 2020

Every security officer views remote connections to corporate systems as a potential threat. For infosec experts at industrial enterprises, and especially at critical infrastructure facilities, the threat feels very real.

Zerologon vulnerability threatens domain controllers

On August’s Patch Tuesday, Microsoft closed several vulnerabilities, among them CVE-2020-1472. The Netlogon protocol vulnerability was assigned a “critical” severity level (its CVSS score was the maximum, 10.0). That it might pose a threat was never in doubt, but the other day, Secura researcher Tom Tervoort (who discovered it) published…