Most Important Network Penetration Testing Checklist


Network Penetration Testing

Network penetration testing identifies vulnerabilities in the network posture by discovering open ports, troubleshooting live systems and services, and grabbing system banners.

Pen-testing helps administrators close unused ports, disable additional services, hide or customize banners, troubleshoot services, and calibrate firewall rules. You should test in all ways to guarantee there is no security loophole.

Let’s see how we conduct a step-by-step network penetration test using some famous network scanners.


BazarCall to Conti Ransomware via Trickbot and Cobalt Strike


This report will go through an intrusion that went from an Excel file to domain-wide ransomware. The threat actors used BazarCall to install Trickbot in the environment, which downloaded and executed a Cobalt Strike Beacon. From there the threat actor discovered the internal network before moving laterally to a domain controller for additional discovery. A couple of days later, the threat actors came back and executed Conti ransomware across the domain.


Record 300 million Ransomware Attacks in first half of 2021


According to a report released by SonicWall, over 300 million ransomware attacks were observed in the first half of 2021, surpassing 2020's total of 302.73 million. The highlight of the findings is that June 2021 alone witnessed a new record high of 78.4 million file-encrypting malware attacks, compared with April and May of this year.

There has been a massive spike in attacks in the United States and the UK alone, as the attacks in those two nations made up 185 percent and 144 percent of the total number of attacks, respectively.

Uncertainty, accompanied by anxiety about when businesses will return to normalcy, and the recent work-from-home norm have led cyber crooks to launch sophisticated attacks on corporations for financial gain and to sow discord. This is said to have led to the rise in ransomware attacks.


A look at the 2021 CWE Top 25 most dangerous software weaknesses


2021 CWE Top 25

The 2021 Common Weakness Enumeration (CWE) Top 25 Most Dangerous Software Weaknesses is a demonstrative list of the most common issues experienced over the previous two calendar years.

These weaknesses are risky because they are often easy to find and exploit, and can allow adversaries to take over a system, steal data, or prevent an application from working.


Ransomware Attacks Leave Lasting Damage



Organizations hit by ransomware attacks also report tightened budgets and lingering impacts on productivity, profitability and security posture, suggesting the extensive damage caused in the wake of ransomware attacks has long-lasting effects.

A Keeper Security survey of 2,000 U.S.-based workers found that nearly all companies targeted by a ransomware attack paid the ransom, and another 22% did not disclose whether or not they paid, which suggests the real number could be much higher.

The vast majority—87% of impacted companies—said they enacted stricter security protocols after the attack.

More than three-fourths (77% of respondents) reported being unable to access systems or networks as a result, with 30% down for a day or less, 26% offline for up to seven days and 27% getting knocked out for more than a week.

As for causes, 42% of ransomware attacks originated from phishing emails, 23% from malicious websites and 21% from compromised passwords.

Oliver Tavakoli, CTO at Vectra, an AI cybersecurity company, explained that ransomware starts out like all cyberattacks—but it differs in that it ends in data exfiltration, data encryption and extortion.


U.S., UK and Australia Issue Joint Cybersecurity Advisory



As vulnerabilities are discovered, advisories are issued, remedies and mitigations are shared and then the onus is on the end user and/or company to do what’s necessary to close the window into their infrastructure. That is what happens in a perfect world, where CISOs and CIOs have fully collaborative relationships with operations and when the mitigations don’t derail the organization’s operational efficiency and capabilities.

Joint Cybersecurity Advisory

On July 28, 2021, four agencies across three countries issued a joint cybersecurity advisory identifying 30 vulnerabilities that companies (be they big or small) should be mitigating. From the U.S., the agencies are the FBI and CISA; from Australia, the ACSC; and from the U.K., the NCSC.

The advisory doesn’t mince words: “Cyber actors continue to exploit publicly known—and often dated—software vulnerabilities against broad target sets, including public and private sector organizations worldwide. It’s recommended that organizations apply the available patches for the 30 vulnerabilities listed in the joint cybersecurity advisory and implement a centralized patch management system.”

CISOs—you’ve received your marching orders. Close the delta of vulnerability.
