Telecommunications giant reveals an Active Directory server breach. What can we learn from it?

We’ve always been vocal about the imminent threat of breaches and propagated the message that irrespective of the size of your business, the industry you’re in, or your geography, you can be subject to a security breach. And unfortunately, history …

IT Security 5 min read

Securing Azure Active Directory from PowerShell abuse

Malware attacks are evolving, and once-common tactics are becoming a thing of the past. Attack strategies, like using a third-party hacking program or injecting viruses from external sources, are almost obsolete as they leave a distinct footprint. Most antimalware …

IT Security 4 min read

Email, security, and breaches

Email-based attacks can take many forms, and are typically deployed by cybercriminals in order to extort ransom or leak sensitive data. Just recently, a banking Trojan named Trickbot targeted Italy, a hotspot for COVID-19 cases, with email spam campaigns. While …

IT Security 3 min read

SQL Server, Part 3: Adopting the principle of least privilege

In the previous blog in this series, we discussed authentication and authorization mechanisms, and how configuring them properly can help secure your databases. In this blog, we’ll talk about how data breaches can be prevented by implementing the principle of …

IT Security 3 min read

Hardening Windows security: How to secure your organization—Part 3

This is the final blog of our three-part blog series on living-off-the-land (LOTL) attacks. If you missed last week’s blog, you can read it here.

LOTL attacks are also known as “malware-free” attacks because your own tools are used …

IT Security 2 min read

Breaking down the San Francisco airport hack

On April 7, 2020, the San Francisco International Airport (SFO) released a notice confirming that two of its websites, SFOConnect.com and SFOConstruction.com, were targets of a cyberattack in March 2020. The attack has been attributed to a hacker group that …

IT Security 2 min read

Hardening Windows security: How to secure your organization—Part 2

We’re back with part two of our three-part blog series on living-off-the-land attacks. If you missed part one, you can read it here. In a nutshell, living-off-the-land (LOTL) refers to a type of attack where the attacker uses the …

IT Security 2 min read

Cybersecurity challenges of the work-from-home model

Just recently, the World Health Organization declared coronavirus a global pandemic. This decision brought with it several health and safety measures, and normal life came to a halt in many countries. This resulted in many organizations around the world adopting …

IT Security 3 min read

Hardening Windows security: How to secure your organization—Part 1

The cybersecurity threat landscape is quickly changing. Administrators have become more cautious when it comes to security and governing access, end users have become tech-savvy and security-aware, and attackers have also raised their game.

Living-off-the-land attacks, or LOTL, is one …

IT Security 2 min read