Posts Tagged ‘data breaches’

The OPM Breach Is Not Unique; Standard TTPs Can Get You the Crown Jewels: Wednesday’s report about the 2014 and 2015 Office of Personnel Management (OPM) breaches showed us that unsophisticated attackers can gain access to sensitive information. The highly detailed report by the House Committee on Oversight and Government Reform lists the known evidence of how two groups conducted their CNE (computer network exploitation) operations inside the OPM network. While the…
2016 Cyber Weapons Report: Looking for Attackers in All the Wrong Places: What tools do attackers use? The 2016 Cyber Weapons Report seeks to address this question by analyzing real-world attacks and other anomalous activity in organizations’ networks. This report focuses on the actions that occur after an initial intrusion, including command and control, reconnaissance, lateral movement, and data exfiltration. The Cyber Weapons Report reveals that organizations…
Holding Networks Hostage with Targeted Ransomware: Cybercriminals have stepped up their game, using new, advanced attack methods to compromise organizations, rather than individual users. And they have been successful, infiltrating a number of hospitals, schools, universities and government agencies. Post-attack investigations reveal that attackers used reconnaissance and lateral movement to infect as many machines as possible. And new ransomware strains demonstrate worm-like behavior, spreading through network drives and removable storage. But before we look at the latest attack techniques, let’s take a step back and review how ransomware has evolved.
Darwin is Alive and Kicking: Evolving Beyond “Intrusion Prevention” towards “Attack Detection”: Let me start by declaring that I’m a big believer in evolution theory (shocker!), and that Charles Darwin is alive and kicking in IT security markets in 2015! Why, you ask? Because every major incumbent vendor is “evolving” their messaging from a prior mantra of “Blocking” and “Preventing” attacks towards a new mindset of breach “Detection” that recognizes the stark reality that not all attacks can be prevented.
The Four Most Commonly Misunderstood Facts About Network Attacks: What you don’t understand can hurt you, and sometimes that hurt can be colossal. It’s ironic, but even with a daily news cycle of freshly uncovered data breaches, most companies still greatly misunderstand the phenomenon. Just start with the term “network attack.” Some people think of this as the initial intrusion into a network. Others think of it as data exfiltration. The fact is that an attack breach is the entire process after the initial intrusion.