For many enterprises, zero trust has emerged as the North Star of modern cybersecurity frameworks, designed to help organizations reduce their attack surface and risk by applying principles of least privilege or a “never trust, always verify” approach. Some zero trust-based security controls, like multi-factor authentication (MFA), are designed to add layers of login defense…
Read More
Context The Hive ransomware variant has been extremely active in the past year. The ransomware was originally discovered in June of 2021, and reportedly is responsible for more than 300 compromises since September 2021. The FBI released a notice warning the public of the threat in August 2021 after Hive ransomware compromised dozens of medical…
Read More
Context The Department of Energy (DOE), Cybersecurity and Infrastructure Agency (CISA), National Security Agency (NSA), and Federal Bureau of Investigation (FBI) issued a joint cybersecurity advisory on April 13, 2022 detailing new advanced persistent threat (APT) cyber tools targeting Industrial Control System and Supervisory Control and Data Acquisition (ICS/SCADA) devices. The advisory notes three key…
Read More
Have you ever been working on a project and missed a deadline or deliverable simply because there was a miscommunication about who would take the lead on getting it done? Divvying up responsibilities can be efficient and effective, but only when both parties have a complete understanding of what they are responsible for. The same…
Read More
Summary Threat actors aligning to the FIN7 hacking group have maintained a multi-year, large-scale hacking campaign that compromised tens of millions of consumer debit and credit cards. The campaign, operating since 2015, has damaged banks, hospitality entities, card companies, and direct consumers more than an estimated $1,000,000,000 USD by targeting numerous entities in the restaurant,…
Read More
