Twelve days ago, F5 announced several security vulnerabilities that were largely overshadowed by the Exchange/Hafnium situation. It's important to understand that some of these are critical, remote command execution-level vulnerabilities that require nothing more than for an attacker to connect to an F5 BIG-IP device. For those devices, being positioned "in front of" web server clusters […]
Cybersecurity threats based on major disasters or world events are nothing new. During the coronavirus pandemic, one threat in particular has increased much more quickly than others: phishing for sensitive information in disguised emails. During March 2020 alone, phishing attacks were up 667 percent! Protecting your system from the malicious intrusion of phishing emails is […]
Organizations of all sizes are dealing with more data than ever before, and as Castra learns about increasingly complex attack vectors, it is worth noting that traditional SIEM may no longer fit the purpose of the modern security program.
As the COVID-19 pandemic continues to grip the globe, many companies are finding it necessary to transition from on-site to remote work – and experts warn this could be the new normal for the foreseeable future. Is your company ready to make the switch securely? Lumifi has some tips on making the transition with cybersecurity […]
The ICS sector is under attack. According to the Federal Bureau of Investigation (FBI), a new security threat is on the horizon for those in the Industrial Control System (ICS) sector. While the Kwampirs remote access Trojan (or RAT) is not new, it is now targeting ICS companies and especially the energy sector. The FBI […]
One of the greatest risks for a SIEM or SOAR platform is missing that one event that helps with accurate detection. In general, misses can occur for several reasons, although in our experience, misses mostly stem from incorrect/empty PowerShell logs or merely a lack of logging required for advanced detection.
Every organization works hard to attain a healthy security posture. But what does that mean? It involves a properly resourced team of information security experts working to leverage the latest information security tools. The job of the security team is to prevent attacks before they happen, protect the organization in the case of an attack, […]