DDoS Attacks on Critical Infrastructure: A Look at Hydro-Québec’s Website Outage
Recently, Canada's critical infrastructure has once again become the target of cyberattacks. Pro-Russian hacking groups have launched a series of distributed denial-of-service (DDoS) attacks, causing operational disruptions and website outages across various government and civilian organizations.
Cybersecurity vs. Cloud Security: What is the Difference? Part 1
When it comes to technological advancement, cyber and cloud security are critical elements that can either make or break a company's overall IT infrastructure. Cybersecurity analysts must understand the nuances of both to protect their organization from potential risks. To get us started we know
‘BlackMamba’ AI-Keylogging Malware Attack Is Here – What You Need to Know
A new strain of malware has been discovered that is powered by artificial intelligence, and it's already making headlines in the cybersecurity community. Dubbed "BlackMamba," this keylogging attack has the potential to completely evade most existing endpoint detection and response
Will Your Organization Benefit from Security Services Edge (SSE)?
We want to keep things as simple as possible in this post about Security Services Edge (SSE); that is, what is SSE, what are the components, and what SSE is not. Fundamentally, SSE provides the security service elements of a
Two-Thirds of Organizations Were Hit by a Ransomware Attack Last Year
In SpyCloud’s Ransomware Defense Report, its annual survey of CISOs (Chief Information Security Officers) and heads of IT security from Canada, the UK, and the US, the company found that security teams are starting to lose hope that they can
How CASB Solutions are Improving Cloud Security
Cloud access security brokers (CASBs) are on-premises or cloud-based security policy enforcement points, typically placed between cloud service consumers and their cloud service providers (CSPs). The solutions often combine and add enterprise security policies when cloud-based resources are accessed. Further,
Nearly 50% Of Businesses Had a Cloud-Based Data Breach or Failed Audit
The 2022 Thales Global Cloud Security Study, commissioned by Thales and conducted by 451 Research, reported that 45% of businesses it surveyed have experienced a cloud-based data breach or failed audit in the past 12 months, up 5% from
Assessing and Mitigating the Log4j Vulnerability
A Vulnerability Management Case Study. Authors of this blog post include Subramani Sundar - Director, Threat & Vulnerability Management, Tamika Miyashita - Security Project Manager, Tanveer Chowdhury - Security Manager, and Peter Bellarmine - Lead Security Engineer. This is the 3rd blog post we have
Lessons Learned in Defending Against the Log4j Vulnerability – A Case Study
Authors of this blog post include SecureOps employees Michal Kavan, SOC Director; Andrew Morrison, SOC Manager; and Alejandro Perez, Sr. SOC Analyst. In December, several Log4j vulnerabilities, also known as Log4Shell or LogJam in many of the IT security
The Log4j Vulnerability is Likely to be a Significant Threat for Years
Until last month, Log4j was simply a popular Java logging framework, one of the numerous components that run in the background of many modern web applications. But since the zero-day vulnerability (CVE-2021-44228) was published, Log4j has made a huge impact