The security risk of M&A: Are Chinese cyber threats lurking in legacy infrastructure?

| | Threat Research
Key points In late August 2022, IronNet Threat Research discovered a malicious cyber intrusion by a highly sophisticated, likely China-based threat actor in the network of a U.S. software company. It is suspected the threat actor was conducting staging activity, possibly to exploit the lower security posture over the upcoming ... Read More
The complexities of serverless security

The complexities of serverless security | How to secure serverless applications | Contrast Security

| | serverless
Serverless computing is a cloud-native model that allows developers to write code and deploy applications without needing to manage servers and other infrastructure running the services. Though you’re technically still working with servers, there’s also a cloud provider managing and provisioning the infrastructure on your behalf.  ... Read More

Cyber Attacks on the Power Grid

| | Threat Research
Given the recent news of Industroyer2 targeting Ukrainian electrical substations in April 2022 and the increased threat of cyber attacks on energy infrastructure, IronNet Threat Research took an interest in breaking down and analyzing past malware and threat actors that have targeted the various stages of the energy supply chain, ... Read More

Tracking Cobalt Strike Servers Used in Cyberattacks on Ukraine

| | Threat Research
On April 18, 2022, CERT-UA published alert #4490, which describes a malicious email campaign targeting Ukraine. The email attempts to deploy a Cobalt Strike beacon on the victim's system through the use of a MS Office macro. In the alert, CERT-UA provides a list of indicators of compromise (IoCs), including ... Read More
Contrast Serverless detects malware in AWS Lambda functions

Contrast Serverless detects malware in AWS Lambda functions

|
Two weeks ago, Cado security released an analysis about Denonia claiming it to be the first, publicly-known case of malware specifically designed to execute in an AWS Lambda environment. Denonia derives its name after the domain that the malicious code used to communicate with. The Golang-based malicious code runs crypto-mining ... Read More
Contrast Security does it again, keeping your serverless applications safe from Spring vulnerabilities

Contrast Security does it again, keeping your serverless applications safe from Spring vulnerabilities

|
Another weakness in the supply chain puts thousands of organizations at risk for cyber attacks ... Read More

Crowdsourcing Cyber Chaos

|
Once upon a time, the rules were simple. Strategic cyber operations were led by government hackers hidden away in giant, windowless buildings. When organized cybercrime groups came onto the scene, they mainly focused on profitable targets like corporations and tried to avoid public targets that would attract too much attention, ... Read More

The Russia-Ukraine War: Is cyber the next battleground?

| | Executive Corner
As we enter the third week of the Russia-Ukraine war, the resilience of the Ukrainian people and President Zelensky is worthy of the world’s admiration. Unfortunately, Russia still has overwhelming combat power. Many have speculated that Putin’s health may be severely compromised, in turn accelerating “his mission to restore what ... Read More

Data Privacy and the Future of Business: How Businesses Can Put Privacy First

| | security
With the global big data market set to be worth nearly $235 billion by 2026, to say that data is now core to business success today would be a massive understatement. From tweaking shipping strategies to delivering more relevant advertising campaigns to customers, businesses are constantly looking for ways to ... Read More