A(nother) Ransomware Saga with a Twist
The healthcare sector has once again found itself at the center of a storm. On February 21, Change Healthcare, a titan in healthcare support services, suffered a devastating cyberattack by the notorious BlackCat/ALPHV group. This incident has sent shockwaves through the U.S. healthcare system, affecting hospitals, clinics, and pharmacies nationwide ... Read More
Security Debt, or When Bugs Go Bad
Occasionally, the IT world is gripped by a resurgence of concern – sometimes a fleeting trend, other times a significant issue. Lately, the term “Security Debt” has been making the rounds across IT news platforms. This article aims to unpack the essence of Security Debt and its implications. From ... Read More
Poor Credential Hygiene
This article is part of a series where we look at a recent NSA/CISA Joint Cybersecurity Advisory on the top cybersecurity issues identified during red/blue team exercises operated by these organizations. In this article, you will find a more in-depth look at the specific issue, with real-world scenarios where it ... Read More
Insufficient ACLs on Network Shares and Services
This article is part of a series where we look at a recent NSA/CISA Joint Cybersecurity Advisory on the top cybersecurity issues identified during red/blue team exercises operated by these organizations. In this article, you will find a more in-depth look at the specific issue, with real-world scenarios where it ... Read More
Locking Up Lockbit: The Fall of a Ransomware Cartel
As of the time I’m writing this, earlier this week a cybersecurity bombshell story just broke that, for once, is actually a positive turn of events. I’m talking about Operation Cronos, an international law enforcement operation that seized the Lockbit ransomware infrastructure, led to arrests of persons affiliated with the ... Read More
Weak or Misconfigured Multi-Factor Authentication (MFA) Methods
This article is part of a series where we look at a recent NSA/CISA Joint Cybersecurity Advisory on the top cybersecurity issues identified during red/blue team exercises operated by these organizations. In this article, you will find a more in-depth look at the specific issue, with real-world scenarios where it ... Read More
I Want To Update But Have No Package
- You want to fix your supply chain vulnerability, but have no update available for your environment
- Maintaining open-source packages is mostly done on a voluntary basis
- Using old packages is just as dangerous as not having the new versions available altogether
Supply chain attacks come in all shapes ... Read More
Unrestricted Code Execution
This article is part of a series where we look at a recent NSA/CISA Joint Cybersecurity Advisory on the top cybersecurity issues identified during red/blue team exercises operated by these organizations. In this article, you will find a more in-depth look at the specific issue, with real-world scenarios where it ... Read More
0-days, n-days, too many days
A software vendor, a threat actor, and a bug bounty hunter walk into a bar. The bug bounty hunter goes “have you guys heard about this new bug I just spotted?” “Never heard of it,” says the software vendor. The threat actor just gives the widest grin. Meanwhile, the users ... Read More
Bypass of System Access Controls
This article is part of a series where we look at a recent NSA/CISA Joint Cybersecurity Advisory on the top cybersecurity issues identified during red/blue team exercises operated by these organizations. In this article, you will find a more in-depth look at the specific issue, with real-world scenarios where it ... Read More