All the latest blog posts from the most relevant cyber security companies in the business.

Microsoft recently changed how it presents and explains its security vulnerabilities in its products. The new security guide aligns itself with security and industry standards by describing the vulnerabilities with the Common Vulnerability Scoring System (CVSS), which presents a vulnerability’s key characteristics and assigns a numerical score to its severity. The intent of that score…

At the recent SANS Cyber Threat Intelligence Summit, two CrowdStrike cybersecurity leads, Senior Security Researcher Sergei Frankoff and Senior Intelligence Analyst Eric Loui, offered details on an emerging major ransomware actor they call Sprite Spider. Like many other ransomware attackers, the gang behind Sprite Spider’s attacks has grown rapidly in sophistication and damage capacity since…

The SolarWinds/Solorigate attacks used some concerning methodologies. One of them has been what is called the Golden SAML attack process. Security Assertion Markup Language (SAML) enables the exchange of authentication and authorization information between trusted parties. The Golden SAML technique allows attackers to generate their own SAML response to gain access or control. To do…

Lately, dark web actors have one more worry: getting caught by law enforcement. Tracking dark web illegal activities has been a cat-and-mouse game for authorities, but in the end, they often catch their adversaries and seize the dodgy money. On the night of the 2020 presidential election, for example, US government officials managed to empty…

Computer Trojans received their name from the infamous mythological horse. The Trojan’s basic mission is to mislead people of its real goal. A Trojan is malicious software that usually needs to be launched by the user or another malicious program. Malicious code typically penetrates the system under the guise of a useful utility or tool….

The security industry had a terrible year in 2020—some even think the worst ever. You can point to failures in working from home after COVID-19 struck, various election narratives, the SolarWinds breach, foreign nation-state cyberattacks, new ransomware, the global lack of cybertalent, government leader mistakes or a long list of other items. My favorite quote…

If you use the recently compromised SolarWinds Orion monitoring products, you are already reviewing your infrastructure and possibly blocking network access to the servers in your domain. For those of you who do not use the SolarWinds software, this is an opportunity to review your own processes and determine whether you would have detected the…