Stories from the SOC: Caught in the Trap: Detecting and Defending Against RaccoonO365 Phishing Campaigns

In September 2024, LevelBlue conducted a comprehensive threat hunt targeting artifacts indicative of Phishing-as-a-Service (PhaaS) activity across our monitored customer fleet. During the investigation, the LevelBlue Managed Detection and Response (MDR) Blue Team discovered a new PhaaS kit, now identified as RaccoonO365. The hunt confirmed true-positive compromises of Office 365 accounts, prompting swift customer notifications and guidance on remediation actions.

3 Tips for Eliminating Attack Surface Blind Spots

In today’s rapidly evolving digital landscape, security professionals face many challenges in protecting their organizations from cyber threats. One common problem is the persistence of attack surface blind spots, which can be exploited by attackers and hinder an organization’s ability to stay ahead of threats.

How Hackers Steal Your Password

In today’s digital business environment, passwords are often the keys to your organization’s most sensitive assets—from financial records and customer accounts to intellectual property. Unfortunately, hackers are constantly developing methods to steal these passwords and gain unauthorized access. Understanding the techniques they use and how employees can protect themselves is crucial for maintaining digital security.

Introducing LevelBlue's 24/7 Managed Threat Detection and Response Service for Government

As new threat vectors emerge and cybercriminals leverage sophisticated technologies to orchestrate more targeted attacks, staying ahead of threats is more challenging than ever. We are excited to announce the launch of a new managed security service designed to protect highly regulated data and help ensure critical services are efficiently delivered.

Physical Security In The Age Of Digital: Access Control System Vulnerabilities

Access control systems are the physical form of the layers of data, credential and identity controls underpinning the systems relied on every day. Yet, they can be an afterthought; even the most high-profile breaches of physical security systems can take years to rectify. Security Week highlights the vulnerabilities affecting Nice Linear, a widely used proprietary system in the world of smart homes. Over 2,500 individual vulnerabilities were flagged in 2019 alone.

Tackling the Unique Cybersecurity Challenges of Online Learning Platforms

Online learning has expanded access to education across all levels. However, as beneficial as these platforms can be, they pose unique cybersecurity risks. Securing e-learning platforms will become increasingly crucial as more school systems embrace this technology.

Cybersecurity in a Cycle: Balancing Repair and Replacement for Optimal Security

Regularly updating your policies, software, and systems is crucial to your long-term cybersecurity efforts. However, failing to properly plan these updates can undermine your continuity plans and impede your business's productivity and profitability. As a cybersecurity specialist, you can balance repairs and replacements by creating a dynamic, adaptive strategy that accounts for industry trends and responds to emerging threats without causing unnecessary expenses to the company.

The Human Factor in Cybersecurity: Behavioral Insights and Mitigation Strategies

Whether it's clicking on a malicious link or being duped by social engineering tactics, people can unintentionally open the door to significant security breaches for organizations of all sizes. These mistakes aren’t inevitable or limited to any one role—they can happen to anyone, from top executives to customer service reps—but they are preventable with the right knowledge and constant vigilance in place.

2024 Cyber Resilience Research: Aligning Retail Cybersecurity with Business Priorities

New data illuminates how retail leaders can prioritize resilience. In today’s retail environment, businesses embrace dynamic computing and other technological innovations to enhance operations and customer experiences. However, as these advancements accelerate, so does the risk of cyber threats.

Here's How Phishing Messages Break Through Email Filters

Phishing is an email-borne malicious technique aimed at learning the sensitive credentials of users or spreading malware. This practice has been on the list of the top cyber threats to individuals and businesses for years. According to the latest Phishing Activity Trends Report by APWG, the total number of phishing attacks identified in Q1 2024 exceeded 963,000.