Many organizations have moved hurriedly during the COVID-19 pandemic to let their workforces work remotely, adopting new tools and frameworks as requirements arose. According to new data, a poll revealed that 71% of security professionals had reported an increase in security threats or attacks since the start of… Read More » (Shadow IT) How Does COVID 19 Or Remote Work Impact Enterprise Security?
This report summarizes the top breaches from early July to 15th August 2020, covering the major breaches the world has seen. It helps you keep track of the latest hacks and safeguard your organization by looking at the trends. We share insights into the breaches. Kiwi Bank Breach: Kiwibank is investigating… Read More » Monthly Breach Report August 2020
About Ensiko: This malware is a threat to any system using PHP. Someone can use it remotely to carry out malicious activities. It is capable of executing shell-level (OS) commands and sending the output back to the remote operator. It also scans systems and servers for particularly sensitive or valuable information. Few Technical Details… Read More » Ensiko: New Malware with Ransomware Capabilities
This blog is contributed by Apoorv Saxena, technical team, FireCompass. At the end of May, a researcher using the pseudonym “chompie” published a tweet that showed a working PoC for CVE-2020-0976 (SMBGhost), expecting a similar disclosure from ZecOps security. As part of Microsoft's June 2020 patch release on June 9, a ZecOps researcher disclosed a new… Read More » Critical “SMBleed”, Vulnerability: Why Should You Be Worried?
This report summarizes the top breaches from mid-May to June 2020, covering the major breaches the world has seen. It helps you keep track of the latest hacks and safeguard your organization by looking at the trends. We share insights into the breaches. 1. “Bank Of America (BofA) Data Breach”: Bank Of America… Read More » Monthly Breach Report June 2020
Due to the global pandemic, organisations have moved rapidly through a digital transformation to enable a remote workforce model, and this has naturally led to a multi-fold increase in an organisation's IT attack surface. Security leaders now need to take into account the additional risks brought on by the remote workforce and… Read More » Top 3 Risks of an Expanding Attack Surface & Remote Workforce
Our security practices need to evolve in order to address the new challenges raised by the rapid adoption of technologies and products to enable the world to WFH. The mantra of the attacker remains consistent — attack that which yields maximum result — and that is usually something used by a very very large… Read More » CISO Guide: Most Dangerous Security Gaps That Enterprises Should Avoid During WFH
It’s not new news, but it’s shocking how large enterprises are becoming victims; these are challenging times. Cognizant (a large Fortune 500 company) was seen notifying customers of a compromise and more details. This ransomware is particularly dangerous as it steals data before encrypting it and then threatens to release it if the… Read More » Maze Ransomware Hits Fortune 500 Company Cognizant: What Can We Learn?
This blog was authored by Jitendra Chauhan, Head R&D, FireCompass. SaltStack is a configuration management system. Salt is capable of maintaining remote nodes in defined states; for example, it can ensure that specific packages are installed and that specific services are running. It is also a distributed remote execution system used to execute commands and query data on… Read More » SaltStack Advisory (Vulnerability, Impact, Remediation)
1. Maltego CE: Maltego is an interactive data mining tool that renders directed graphs for link analysis. The tool is used in online investigations for finding relationships between pieces of information from various sources located on the Internet. You can find more details here. How It Helps You: Maltego can be used for the information… Read More » Top 5 Tools for Digital Attack Surface Enumeration