What We Learned in 2023

From the SEC cyber rules to AI, Decipher editors along with experts across the security industry discuss the top stories of this year and what we learned from them.

Law Enforcement Disrupts BlackCat Ransomware Operation

As part of an international disruption effort impacting the infamous BlackCat ransomware group, the FBI has created a decryption tool that has given 500 ransomware victims worldwide the capabilities to restore their systems. Law enforcement agencies have also gained visibility into the ransomware group’s network, and seized several attacker-operated websites, including the dark web site …

Decipher Library: Holiday Edition 2023

We are eternally grateful to everyone who reads our writing on a weekly basis, and we wanted to return the favor by putting together a list of book recommendations from some of our friends and colleagues. We hope you find some time to sit down with one or more of these books over the holidays …

U.S., Australian Government Agencies Warn of Play Ransomware Attacks

The Play ransomware group has successfully infected at least 300 organizations as of October, according to a new joint cybersecurity advisory this week by U.S. and Australian government agencies, which sought to highlight Indicators of Compromise (IoC) and tactics associated with the group. The Play ransomware group emerged in June 2022 and since then has …

Microsoft Cracks Down on Fraudulent Outlook Account Sales

Microsoft has cracked down on a cybercriminal group known for creating and selling fraudulent Microsoft accounts to other threat groups that they then use for various cybercrime-related activities, from phishing to ransomware attacks. The group, which Microsoft tracks as Storm-1152, has made millions of dollars selling 750 million of these types of accounts to prolific …

How Strata Identity and Microsoft Entra ID solve identity challenges in mergers and acquisitions

This blog post is part of the Microsoft Intelligent Security Association guest blog series. Learn more about MISA. Along with every merger and acquisition between two companies comes the need to combine and strengthen their IT infrastructure. In particular, there is an immediate and profound impact on the identity and access management (IAM) postures of both companies. …

SMTP smuggling enables email spoofing while passing security checks

Security researchers have found inconsistencies in how some Simple Mail Transfer Protocol (SMTP) servers handle end-of-data sequences. This allows the injection of SMTP commands into email messages in a way that causes receiving servers to treat them as two separate messages with one of them having its “From” headers spoofed. Furthermore, because the main message’s …

How next-gen firewalls meet the demands of a new threat landscape

Businesses are facing a perilous security threat landscape, with ransomware, compromised email, state-sponsored hackers and supply chain vulnerabilities among the leading challenges. In such a fast-evolving landscape, some believe that the firewall has become irrelevant, but they’re making a mistake. In fact, firewalls have a crucial role to play in defending organisations from attack. The …

The 5 fundamentals of powerful, next-generation firewalls

As more businesses work globally, often underpinned by a hybrid working model, cybersecurity must be optimised to counter ambitious cybercriminals. In particular, security teams must protect business networks where people are logging on across multiple territories and any number of devices. Linked to this trend is how business-critical applications increasingly leverage a blend of on-premises …

5 things you need to know about your EDR

Endpoint detection and response (EDR) is a protection approach that monitors endpoint devices across a network and blocks threats as they are identified. Like any other cybersecurity product, it can only protect a network if set up appropriately and tested. Based on my decade’s experience as a security and red team consultant, here are five …