Virtual Private Networks, or VPNs, are not exactly a new technology. When I started my career in IT about 15 years ago, VPN tunnels were the standard way we connected remote offices by extending private networks over the public Internet. Recently, as workforces continue to decentralize due to the rise of Cloud Computing as well as the current pandemic, VPN has become an even hotter topic and is being marketed as a critical security solution.
Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. With the rising concern over cybersecurity in remote work, this week we explore the concept of the Zero Trust model in cybersecurity.
According to McAfee, Adaptive Threat Protection (ATP) is an endpoint security’s optional module that analyzes organizational content and decides action based on file rules, reputation, and reputation thresholds. According to another source, the ATP is a security model that monitors threats, improves cybersecurity risks changes, and evolves to meet the need for security systems that are integrated with IT for continuous deployment, as well as in hybrid environments and the virtual cloud.
Every organization needs to keep tabs on other players in the industry in order to stay competitive. It’s common for an organization to analyze a competitor’s website, perform secret shopping trips, and monitor a competitor’s marketing strategies. This type of competitive research is perfectly legal. But if an organization unlawfully obtains another company’s sensitive information, it is considered industrial espionage, which is illegal.
During the Investigation of a Suspicious Security Critical Event alarm, we discovered credentials had been dumped from the NTDS.dit, which is a database that stores Active Directory data, including password hashes for all users in the domain. By extracting these hashes, it’s possible for an attacker to use tools to gain access to user’s passwords, which allows them to act as any user on the domain, including the administrator.
Now that the sparkle and pop of the Fourth of July’s fireworks has subsided, it’s time for July’s open source vulnerabilities snapshot, your monthly overview of everything new in the always-evolving world of open source security.
The highly anticipated structural update to the MITRE ATT&CK framework was released July 8th, 2020. After a quiet first half of the year, it appears the ATT&CK team has been putting in lots of work into some significant redesign of the framework’s structure. This update introduces a new layer of abstraction: sub-techniques.
Things just got serious. Business Email Compromise is no longer solely the province of chancers and opportunistic Nigerian actors such as the Yahoo Boys. Organised criminal gangs with a high level of professionalism have seen the opportunity and seized it. Security researchers at Agari have published a report detailing their investigations into a Russian cybercrime gang they say have stolen millions of dollars from companies in 46 countries since mid-2019.
