Small businesses cannot operate under the assumption they fly under the radar when it comes to malicious hackers. On the contrary, threat actors know growing businesses have security vulnerabilities and often target them specifically to steal their data or use them to gain access to bigger organizations.
Dell SecureWorks Counter Threat Unit researchers have found that threat groups victimizing a particular vertical today may infiltrate new verticals tomorrow. Organizations should never dismiss the threat from groups that seem to only target other industries and should have thorough plans and mitigation strategies in place.
Dell SecureWorks Counter Threat Unit™ (CTU) researchers analyzed a stealthy malware family named Stegoloader that has been active since at least 2013 and yet is relatively unknown. It has been distributed through software piracy websites, bundled with software license key generators.
Dell SecureWorks CTU researchers responded to an intrusion perpetrated by Threat Group-1314 (TG-1314), one of numerous threat groups that employ the “living off the land” technique to conduct their intrusions. Detecting threat actors who are “living off the land,” using credentials, systems, and tools they collect along the way instead of backdoors, can be challenging for organizations that focus their instrumentation and controls primarily on the detection of malware and indicators such as command and control IP addresses, domains, and protocols.
The healthcare industry is a major target for threat actors, and a breach could expose sensitive data such as medical records, social security numbers, and financial information if organizations aren’t prepared. But there are steps organizations can take to better arm themselves against malicious attacks and mitigate the risk.
It is Monday morning. You open your eyes as your alarm bellows into your ear. You awaken and think “Wow! The Barry Manilow concert was superb on Friday. I am glad I was able to go.” Soon, your remnant glee dissolves as you realize the tasks awaiting you this morning. You still have the problems […]
Organizations want to avoid breaches, but some of the traditional and expected behaviors can be counter-intuitive, putting sensitive and valuable information at risk. Our incident response experts share their experiences, explain some of the common pitfalls they’ve seen, and offer tips to avoid making the same mistakes.
To mitigate risk and damage from potential cyberthreats, security professionals must have total visibility from endpoint to network.
As information security professionals, most of you are familiar with vulnerability assessments and penetration testing (pen tests for short). Both are valuable tools that can benefit any information security program and they are both integral components of a Threat and Vulnerability Management process. Are These Information Security Services the Same? The two are often incorrectly used interchangeably […]
Whether you’ve already jumped on the Bring Your Own Device (BYOD) bandwagon for some devices like smartphones and tablets and are thinking about adding others, or whether you’re just now thinking about BYOD, there are a few things to consider. First and foremost is security. If users can connect their own devices to the network […]