Recent AD News

Attackers use stolen credentials to intrude into the UN network

September 15, 2021
Threat actors leveraged the stolen credentials of a UN employee to gain access to Umoja, a proprietary project management software that’s used in the intergovernmental organization. After intrusion, the attackers stole data that is likely to enable them to go after other agencies within the UN. “We can confirm that unknown attackers were able to breach parts of the UN infrastructure in…
Read more
Recent AD News

CISA and FBI expect ransomware attacks to soar over the Labor Day weekend, issue advisory

September 3, 2021
Ransomware attacks in the US spiked during all major holiday weekends this year, including Mother’s Day, Memorial Day, and the Independence day weekends. It looks like when employees are taking a break, ransomware gangs are getting to work. The worrying trend has prompted the Cybersecurity and Infrastructure Security Agency (CISA) and the FBI to issue an advisory to all US government and…
Read more
Recent AD News

Another zero-day vulnerability confirmed by Microsoft

August 17, 2021
This vulnerability, present in the Windows Print Spooler service, allows local attackers to get access to system privileges. Microsoft has confirmed another Windows Print Spooler vulnerability, that is being tracked as CVE-2021-36958. This vulnerability, which is a part of the PrintNightmare set of vulnerabilities, allows the local attackers to gain access to system privileges. Microsoft…
Read more
Recent AD News

Automate access decisions with risk-based contextual authentication

June 11, 2021
Fortifying Access Management while Working Remotely With more businesses opting for their workforce to work from home, there has been an exponential increase in remote user-focused cyberattacks. As IT teams scramble to deploy strict security measures like multi-factor authentication (MFA) to prevent any possible security event, the user experience of remote employees ends up taking a hit. A…
Read more
Recent AD News

2020 recorded the highest number of CVE’s to ever be reported

April 9, 2021
In an analysis carried out by the National Institute of Standards and Technology (NIST) on common vulnerabilities and exposures, it has been found that 2020 holds the record for the highest reports of security loopholes than any other year to date. The report shows that, in the year 2020 alone, as much as 18,103 vulnerabilities were reported with almost 10,342 of them classified as high or…
Read more
Recent AD News

Microsoft announces Azure Best Practices and Launches Conditional Access Enhancements

April 9, 2021
Joy Chik, corporate vice president for Microsoft Identity, recently laid out a general overview of Azure AD security best practice. This announcement comes in the light of improvements that were recently announced to Azure Active Directory including conditional access policy management enhancements and synchronization service additions. Microsoft has suggested that companies using Azure AD…
Read more
Recent AD News

Accellion Zero-Days Responsible for Recent Data Theft and Extortion Attacks

April 9, 2021
A recent string of attacks consisting of data threats and extortion have been linked to the the Accellion File Transfer Appliance’s CVE’s. Cybersecurity researchers said that a cybercrime group called UNC2546 was responsible for the two month long attack The crime group exploited multiple zero-day vulnerabilities in the legacy FTA software to install a new web shell named DEWMODE on victim…
Read more
Recent AD News

SolarWinds Puts the Blame on their Intern for the Supply Chain Attack

April 9, 2021
As cyber-researchers look into the Solarigate supply chain attack and measure it’s true impact, the company blamed one of its intern for a critical password lapse that went unnoticed for several years. The password is said to have been “solarwinds123” and is believed to have been publicly accessible via a GitHub repository since June 17, 2018, before the issue was rectified on November…
Read more
Recent AD News

Ransomware attack costs Universal Health Services $67 Million

April 9, 2021
Universal Health Services (UHS) in its recent earnings report revealed that a ransomware attack last fall, left them with a whopping pre-tax loss of $67 million. In the report, UHS referred to the cyberattack as an “information technology security incident” and said that the incident forced them to suspend user access to several technology applications in the US during the…
Read more
Recent AD News

National Security Agency asks organizations to embrace the Zero-Trust security model

April 9, 2021
The National Security Agency (NSA) has released Cybersecurity Information Sheet: Embracing a Zero Trust Security Model, which provides information about, and recommendations for, implementing Zero Trust within networks. The Zero Trust security model is a set of IT system design principles and a cybersecurity strategy based on the fact that threats exist both inside and outside traditional…
Read more