Decryption tool for the Maze ransomware

Ransomware is a type of malicious software cyber actors use to deny access to systems or data. The malicious cyber actor holds systems or data hostage until the ransom is paid. After the initial infection, the ransomware attempts to spread to shared storage drives and other accessible systems. If the demands are not met, the... Continue Reading →

Enhance your SOC with Microsoft Security Graph Integration

The Microsoft Graph Security API simplifies integration with Microsoft and third-party security solutions. Using one endpoint, one software development kit (SDK), one schema, and one authentication mechanism, you can easily build integrated security applications, workflows, and analytics. Microsoft Graph is a collection of APIs that together provide a standard unified interface and schema for accessing... Continue Reading →

Cyber security leaders need fraud prevention with digital business

Digital transaction and consumer’s online presence Technology advancements has benefited both business and consumer by adopting digital technologies. With increase in adoption of smart phones and smart apps – the fraudulent activities has also exploded. Frauds such as identity thefts, merchant and triangulation frauds, affiliate and clean frauds, phishing, pagejacking, and counterattacks occur during online... Continue Reading →

Cyber Security Operations with Humans and Machines

Organizations today finding ways and means to utilize both humans and machines in cyber security operations. You should've noticed in market most of the cyber security product vendors using terms such as 'Artificial Intelligence', 'Machine Learning', 'Behavioral Analytics', 'Automated Workflow', etc,. Likewise system integrator, managed security service providers has explored possible use-cases to have 'machine... Continue Reading →

How to achieve 72 hours for breach notification

What regulators demanding from organizations? According to Article 33 - EU GDPR - "Notification of a personal data breach to the supervisory authority"; In the case of a personal data breach, the controller shall without undue delay and, where feasible, not later than 72 hours after having become aware of it, notify the personal data... Continue Reading →

Threat modeling frameworks and methodologies

Threat modeling is a process by which organizations can shift their security approach from reactively plugging exploits to proactively and systematically understanding and addressing potential threats in the design stage. This process identifies potential threats to the system, data/asset exposure, logical/architectural vulnerabilities, and relevant security controls to help evaluate security decisions, serve as a guide... Continue Reading →

Unpatched vulnerabilities; Is it problem worth solving?

Enterprise today are investing in world class security products and do hire talented workforce to keep their business assets safe from any attack vectors. According to IBM XForce Threat Intelligence Index 2019, the growing attack surface and rising risk in organization today are vulnerability remediation and effective patch management. Security leaders wanting their security operations... Continue Reading →

Cyber Threat Intelligence Sources

On Feb 12, 2015, US president sign an Executive Order to encourage and promote sharing of cybersecurity threat information within the private sector and between the private sector and government. Rapid information sharing is an essential element of effective cybersecurity, because it enables companies to work together to respond to threats, rather than operating alone.... Continue Reading →

Blog at WordPress.com.

Up ↑