Crowdsourcing Cyber Chaos

|
Once upon a time, the rules were simple. Strategic cyber operations were led by government hackers hidden away in giant, windowless buildings. When organized cybercrime groups came onto the scene, they mainly focused on profitable targets like corporations and tried to avoid public targets that would attract too much attention, ... Read More

The Russia-Ukraine War: Is cyber the next battleground?

| | Executive Corner
As we enter the third week of the Russia-Ukraine war, the resilience of the Ukrainian people and President Zelensky is worthy of the world’s admiration. Unfortunately, Russia still has overwhelming combat power. Many have speculated that Putin’s health may be severely compromised, in turn accelerating “his mission to restore what ... Read More

Data Privacy and the Future of Business: How Businesses Can Put Privacy First

| | security
With the global big data market set to be worth nearly $235 billion by 2026, to say that data is now core to business success today would be a massive understatement. From tweaking shipping strategies to delivering more relevant advertising campaigns to customers, businesses are constantly looking for ways to ... Read More

Detecting anomalous network traffic resulting from a successful Log4j attack

| | Threat Research
IronNet’s Network Detection and Response (NDR) platform, IronDefense, coupled with our cybersecurity experts, prevented a potential disaster at a Defense Industrial Base (DIB) customer. We were able to successfully detect a threat actor involved in malicious activity exploiting the Log4J vulnerability.  We are still working closely with our partner to ... Read More

Contrast Security Protects Serverless applications from Log4j Attacks

| | Threat, Vulnerabilities
The Log4j flaw (also now known as "Log4Shell"), is a zero-day vulnerability (CVE-2021-44228) that came to light on December 9, allowing almost anyone to remotely execute malicious code against organizations who have certain configurations enabled, with little effort, given the highest CVSS score of 10 ... Read More

Log4j: new software supply chain vulnerability unfolding as this holiday’s cyber nightmare

| | Threat Research
Nearly a year ago the security world worked through a first-of-its-kind supply chain vulnerability during the SolarWinds/SUNBURST incident response. Now at the end of 2021, a different type of supply chain vulnerability impacting our software supply chain is affecting systems across the internet — with exploitations identified in the wild.  ... Read More
Summiting the "Pyramid of Pain" by sharing TTP detections in real time

Summiting the “Pyramid of Pain” by sharing TTP detections in real time

| | Threat Research
This blog was originally posted on BlackHat.com David J. Bianco's "Pyramid of Pain" Threat Hunting Framework is nothing new. Consisting of six logical groupings of indicators of compromise (IOCs), the pyramid illustrates that not all IOCs are created equal, while also specifying the relative level of difficulty for a malicious ... Read More