Clorox Breach: A Familiar Cyberattack Story When it comes to cyberattacks, how many success stories have we heard in recent years? Do you remember a single, positive story, like “yeah, they tried to attack us, but we stopped them” or “yeah, they got in, but we were only impacted for
Akira Ransomware Attack Hits BHI Energy | June 2023 A recent victim of ransomware was BHI Energy I Specialty Services LLC (BHI), a company that provides specialty maintenance and professional services to the nuclear power generation, industrial, and government markets. We’re writing this blog in the hopes that this cyberattack
Hotel & Entertainment Giant MGM Experiences Widespread Outages Following Cyberattack Another cyberattack…here we go again! This one brought critical disruptions to MGM hotels and casinos. We are “days” after the event and MGM is still not back to normal operations. Continue reading to learn more about the incident and how
Black Basta Ransomware Attack Hits ABB’s Active Directory | May 2023 ABB, a multinational corporation based in Switzerland, is a leading industrial tech provider, employs 100,000+, and reported revenues above $29 billion in 2022. It’s believed the attack was carried out by famed ransomware group Black Basta on May 7th,
Ransomware & Malware – Not “IF” but “WHEN”. Are We Ready to Do Something About It? I’m going to play a little Captain Obvious here but cyberattacks, particularly ransomware and malware, continue to embarrass organizations globally. Boards of directors and executive leadership teams at enterprises, big and small, claim to
Microsoft Releases Patches for 9 Critical Flaws & 3 Zero-Day Vulnerabilities On Tuesday, Microsoft released its security updates for February 2023, including patches for over 75 flaws. Among the 75 vulnerabilities, nine were rated “critical” and 66 “important” in terms of severity of threat to the organization. Three of them
Microsoft Azure Services Flaws Could’ve Exposed Cloud Resources to Cyberattacks According to a blog post Tuesday by Orca Security, four Microsoft Azure services have been found vulnerable to server-side request forgery (SSRF). The security issues were discovered by Orca between October 8, 2022 and December 2, 2022. The vulnerable services include: Azure
Microsoft Releases Policy to Further Prevent Brute Force Attack Attempts Earlier this week, Microsoft announced additional protection against brute force attacks, one of the most common methods used to attack Windows machines. IT admins can now configure a group policy to automatically block brute force attacks targeting local administrator accounts
The Senate on Tuesday passed major cybersecurity legation, moving one step closer toward forcing critical infrastructure companies to report cyberattacks and ransomware payments. The passage comes as federal officials have repeatedly warned of the potential for Russian cyberattacks against the United States amid the escalating conflict in Ukraine. The legislation,
New Azure AD Connect Version 2.0.91.0 Released This week, Microsoft released an updated version of Azure AD Connect. This new version provides compliance of the Azure AD Connect Health component with the Federal Information Processing Standards (FIPS) requirements. Keep track and understand all the versions that have been released —
