SHARDS Cybersecurity

IT Services and IT Consulting

Managed security services provider. Driving security forward.

About us

At Shards Cybersecurity, we specialize in providing tailored cybersecurity solutions for small and medium businesses. With over 30 years of combined experience in securing the data of large enterprises across the UK, Europe, and beyond, we decided it was time to extend our expertise to SMBs. As a Microsoft Partner, we harness the enterprise-grade protection from Microsoft Defender for Business, leveraging the latest technologies to ensure your business remains secure and resilient against cyber threats.

Our comprehensive Managed Security Services include:

  • Shards 365 Starter: Ideal for small businesses with threat monitoring, vulnerability alerting, and monthly security reports.
  • Shards 365 Standard: Perfect for proactive businesses with real-time threat monitoring, vulnerability management, and weekly security reports.
  • Shards 365 Pro: Designed for regulated businesses with 24/7 threat monitoring, vulnerability notifications, and incident response support.

We also offer specialized add-on services:

  • Assessment: Thorough security evaluations to identify and mitigate risks.
  • Implementation: Expert deployment of advanced security features and configurations.
  • Compliance & Training: Ensuring regulatory compliance and providing effective team training.

At Shards Cybersecurity, we are committed to building trust with our clients by delivering reliable and effective security measures. Our goal is to protect your business so you can focus on growth and success. Visit our website to learn more about how we can help secure your business.

Industry: IT Services and IT Consulting
Company size: 2-10 employees
Headquarters: Bratislava
Type: Privately Held
Founded: 2023
Specialties: Cybersecurity, Cyber Security, Microsoft Security, Security Services, Cyber Security Compliance, MSSP, Managed Security Services Provider, Managed Services Provider, and Cybersecurity Services

Updates

  • SHARDS Cybersecurity reposted this

    The third quarter of 2024 saw the emergence of the Lynx ransomware as a service (RaaS) operation. Multiple affiliates, tracked as Storm-2113, were observed deploying the new ransomware variant, named for the .LYNX extension it adds to encrypted files, in attacks targeting manufacturing, energy, and commercial facilities sector in the US. Storm-2113 campaigns gain initial access via exploits and employ a range of tools, including RMM and credential dumping tools, before moving laterally, exfiltrating data, and deploying the ransomware payload.

    In this period, however, RansomHub still stood out as one of the most prevalent payloads used by some of the most active ransomware operators. Octo Tempest, who in the last quarter added RansomHub to its toolkit, has continued to use the RaaS payload. Other financially motivated threat actors that use RansomHub include Manatee Tempest and Storm-1874.

    In September, Vanilla Tempest was observed deploying the INC ransomware in an attack against the US healthcare sector. In this attack, Vanilla Tempest leveraged Gootloader infections (Storm-0494) to deploy malicious tools, including the Supper backdoor, then moved laterally across the network before deploying the INC ransomware.

    Ransomware threat actors shift ransomware payloads to increase attack effectiveness or to adapt to changes in RaaS operators. They also continue to find new ways to persist and inflict broader damage. For instance, we’re seeing more actors targeting hybrid cloud environments, moving from on-premises to cloud. Threat actors Octo Tempest, Manatee Tempest, and more recently Storm-0501 have been employing this technique, leveraging compromised identities. Expanding to hybrid cloud environments provides threat actors more control on compromised environments, enabling them to more effectively maintain backdoor access, exfiltrate data, and deploy ransomware.

    Ransomware threat actors use a combination of established and novel tools and techniques for their attacks. In early October, access broker Storm-1674 was observed continuing to conduct voice phishing (vishing) campaigns via Microsoft Teams, posing as help desk or IT support staff. If successful, this social engineering activity leads to malicious payloads associated with ransomware actors like Storm-0506 and Sangria Tempest. This is the first time since May that Microsoft observed new Storm-0506 intrusions, indicating that the threat actor may have resumed their Black Basta operations.

    To better protect against persistently evolving ransomware attacks, users and organizations are advised to build credential hygiene, apply principle of least privilege, and employ Zero Trust. For more info and guidance, visit https://msft.it/6049WHpPh

    Get more trends in the ransomware landscape in the Microsoft Digital Defense Report 2024: https://msft.it/6040WHpu6

    Learn why healthcare is uniquely susceptible to ransomware attacks and how organizations can stay resilient: https://msft.it/6041WHpuB

  • SHARDS Cybersecurity reposted this

    The financially motivated cybercriminal group that Microsoft tracks as Storm-0501 has been observed exfiltrating data and deploying Embargo ransomware after moving laterally from on-premises to the cloud environment. The said attacks also involve credential theft, tampering, and persistent backdoor access. Storm-0501 exploited known vulnerabilities to gain initial access and used various open-source and commodity tools to steal credentials and move laterally within the network. The threat actor leveraged their level of access to exfiltrate sensitive data, evade detection, and gain control of the cloud environment. The actor subsequently created a backdoor to the cloud environment to maintain persistent access, and deployed Embargo ransomware on the on-premises environment to extort their target. In this blog post, we share our findings on the recent attack conducted by Storm-0501 and provide recommendations and mitigations to help customers protect themselves from this threat and similar ransomware attacks. https://msft.it/6041m5gPx

  • SHARDS Cybersecurity reposted this

    Microsoft identified a North Korean threat actor exploiting a zero-day vulnerability in Chromium (CVE-2024-7971) to gain remote code execution (RCE) in the Chromium renderer process. Our assessment of ongoing analysis and observed infrastructure attributes this activity to Citrine Sleet, a North Korean threat actor that commonly targets the cryptocurrency sector for financial gain. Google released a fix for the vulnerability, and users should ensure they are using the latest version of Chromium. We thank the Chromium team for their collaboration in addressing this issue. Read our blog to get more information about Citrine Sleet and the observed tactics, techniques, and procedures (TTPs) used to exploit CVE-2024-7971, as well as recommendations for mitigating and protecting against this activity. https://msft.it/6043l7qAH

    North Korean threat actor Citrine Sleet exploiting Chromium zero-day | Microsoft Security Blog

  • SHARDS Cybersecurity reposted this

    Phishing makes up more than 8 in 10 cyber attacks against UK small businesses. Check your cyber security with the UK Government’s free and quick tool that instantly spots IT vulnerabilities in your systems. Strengthen your organisation’s cyber security in just a few clicks. Check your cyber security now⬇️

    Check your cyber security - NCSC.GOV.UK

    checkcybersecurity.service.ncsc.gov.uk

  • Excellent work from the National Crime Agency (NCA). Keep it up 👍

    National Crime Agency (NCA)

    The National Crime Agency has infiltrated a significant DDoS-for-hire service which has been responsible for tens of thousands of attacks every week across the globe. The disruption targeting digitalstress.su, a criminal marketplace offering DDoS capabilities, was made in partnership with Police Service of Northern Ireland. It comes after the PSNI arrested one of the site’s suspected controllers earlier this month. The NCA took over the site and disabled its functionality, replacing the domain with a splash page, warning users that their data has been collected by law enforcement. This was achieved by creating a mirror site that users were directed to. The NCA also covertly and overtly accessed communication platforms being used to discuss launching DDoS attacks, telling and showing the users of these platforms that nowhere is safe for cyber criminals to talk about their criminal activity. Booter services are an entry-level cyber crime, allowing individuals with little technical ability to commit cyber offences with ease. Anyone using these services while our mirror site was in place has now made themselves known to law enforcement agencies around the world. Read the full story ➡️ https://lnkd.in/ew5QBXKk

    • Splash page now showing on DigitalStress.SU
  • 🛡️ Cyber-savvy employees are your best defense! Regular cybersecurity training helps your team recognize threats and respond appropriately. Microsoft 365 Business Premium includes tools for user awareness training and simulated phishing attacks to keep your employees alert and prepared. Empower your employees to be the first line of defense against cyber attacks. #EmployeeTraining #CyberSecurity #SMBSafety #M365BP #ShardsCybersecurity
