Securing your Attack Surface
The rapid and widespread adoption of information technology has enabled incredible business innovation, efficiency, and value. However, it has also magnified the set of attack surfaces that must be defended. And unfortunately, malicious actors are taking advantage of this. Secureworks Counter Threat Unit™ (CTU™) found that dwell times between initial access and ransomware payload delivery often fall just under 24 hours. This means that security teams typically have less than one day to detect and respond.
Although information security teams work hard to meet this challenge, too often they approach it by deploying yet another security tool. According to an Infosecurity Magazine survey, enterprises use an average of 76 security vendor products. Given the unforgiving threat landscape, the skillsets and operational effort required to effectively manage these complex environments can be daunting.
By taking a step back and reassessing their technology, processes, and partnerships, however, security leaders can choose a faster, easier, and more effective approach.
Read the full blog for more: Securing your Attack Surface
Fake Human Verification Prompt Delivers Infostealers
In two September 2024 engagements, Secureworks® incident responders identified users being directed to malicious websites after searching Google for video streaming services. One victim browsed for websites to watch sports, and the other searched for a movie. In both incidents, the victim was redirected to a malicious URL that prompted them to verify they were human by completing the actions shown in Figure 1. Pressing the Windows button + R opens the Run menu, CTRL + V pastes an encoded PowerShell command generated when the victim opens the malicious URL, and Enter runs the command.
Read the full blog for more: Fake Human Verification Prompt Delivers Infostealers
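For defenders, the Run-dialog step described above leaves a recognizable trace: PowerShell started by explorer.exe with an encoded command. The following is an added detection sketch, not code from Secureworks or the original post; the event field names, hosts, agent path and sample records are constructed for illustration.

```python
import base64
import binascii

def _enc(script):
    # PowerShell's -EncodedCommand takes Base64 over UTF-16LE text.
    return base64.b64encode(script.encode("utf-16-le")).decode()

PS = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
# Constructed process-creation records (hypothetical field names and hosts).
SAMPLE_EVENTS = [
    {"host": "WS-01", "parent": r"C:\Windows\explorer.exe", "image": PS,
     "cmdline": "powershell -enc " + _enc("Write-Output 'constructed sample'")},
    {"host": "WS-02", "parent": r"C:\Windows\explorer.exe", "image": PS,
     "cmdline": r"powershell -ExecutionPolicy RemoteSigned -File C:\Scripts\report.ps1"},
    {"host": "WS-03", "parent": r"C:\Program Files\ExampleAgent\agent.exe", "image": PS,
     "cmdline": "powershell -EncodedCommand " + _enc("Get-Date")},
    {"host": "WS-04", "parent": r"C:\Windows\explorer.exe", "image": PS,
     "cmdline": "powershell -e %%%clipboard-truncated%%%"},
]

def encoded_argument(cmdline):
    """Return the value passed to -EncodedCommand (or an abbreviation), else None."""
    tokens = cmdline.split()
    for i, tok in enumerate(tokens[:-1]):
        name = tok.lower().lstrip("-/")
        if tok[0] in "-/" and name and ("encodedcommand".startswith(name) or name == "ec"):
            return tokens[i + 1].strip("\"'")
    return None

def decode_payload(b64):
    """Decode for analyst review; None when the text is not valid Base64/UTF-16LE."""
    try:
        return base64.b64decode(b64, validate=True).decode("utf-16-le")
    except (binascii.Error, UnicodeDecodeError):
        return None

def find_run_dialog_powershell(events):
    """Flag PowerShell started by explorer.exe (the Run dialog's parent) with an encoded command."""
    findings = []
    for ev in events:
        parent = ev["parent"].lower().rsplit("\\", 1)[-1]
        image = ev["image"].lower().rsplit("\\", 1)[-1]
        if parent != "explorer.exe" or image not in ("powershell.exe", "pwsh.exe"):
            continue
        b64 = encoded_argument(ev["cmdline"])
        if b64 is not None:
            findings.append({"host": ev["host"], "decoded": decode_payload(b64)})
    return findings

if __name__ == "__main__":
    for hit in find_run_dialog_powershell(SAMPLE_EVENTS):
        print(hit)
```

Explorer also parents PowerShell launched from shortcuts and the Start menu, so hits are triage leads rather than verdicts. The per-user RunMRU registry key (HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU) records Run-dialog entries and can corroborate a hit.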
A Resilient and Evolving Threat Landscape
The human cost of cybercrime has been made all too clear in the last year. Critical operations at hospitals have been delayed, workers have been left wondering if they’ll get paid, and millions of personal data records have been hacked. In parallel, hostile state actors have continued their operations unabated.
At the same time, some of the cybercriminals that inflicted this damage have also had a bumpy year. Sustained law enforcement activity against ransomware groups, such as LockBit or ALPHV/BlackCat, and against other threat actors who provide supporting services to the criminal ecosystem, has left in its wake a splintered landscape, one where traditional trust and loyalties have been eroded. Nevertheless, cybercriminals are resilient and agile, with a strong will to continue their criminal moneymaking.
This makes it essential that businesses understand what has changed and remain vigilant.
Read the full blog for more: A Resilient and Evolving Threat Landscape
"It found that the shift to cloud and remote working has driven a 19% increase over the past two years in the number of security tools organizations must manage – from 64 to 76." Now -that- is nothing short of incredible. What's more, SecOps, DevOps, and other IT leaders have to go through the painful process of researching, vetting, purchasing, implementing, and managing all of these tools. Often with too few resources. Undoubtedly, that leads to decisions being made too quickly in the buying process and likely a large number of tools that are either underutilized or not utilized at all.