Blog

  • Ryuk attack on nursing homes threatens people’s health

    Ryuk strikes again, this time hitting Virtual Care Provider Inc. (VCPI), the IT company responsible for providing cloud data hosting, security and access management to more than 100 nursing homes across the

    Read More
  • Ryuk strikes again affecting 400 veterinary hospitals

    The National Veterinary Association (NVA) in California reveals that more than half of its animal care facilities were affected by the Ryuk ransomware attack last month. The facilities are still recovering

    Read More
  • Misconfiguration and Inadequate Change Control is a Top Threat to Cloud Computing

    The Cloud Security Alliance (CSA) published its annual report for top threats, risks, and vulnerabilities in the cloud for 2019. The CSA is a world-leading organization dedicated to establishing best

    Read More
  • October’s NTLM MIC vulnerability

    Another vulnerability was recently found in IIS server NTLM protocol, exposing the targeted server to a relay attack. This vulnerability joins several other vulnerabilities discovered by the Preempt research team. Given

    Read More
  • Automating IIS Hardening with PowerShell

    IIS is a popular choice of web server. Hosted on Windows Server, IIS allows organizations to serve up websites and services of all kinds. But due to its popularity

    Read More
  • NTLMv1 or NTLMv2? Does it even matter?

    NTLM is Microsoft’s old mythological authentication protocol. Although a new and better authentication protocol has already been developed, NTLM is still very much in use. Basically, even the most recent Windows versions

    Read More
  • Mitigating relay NTLM remote code execution vulnerability

    The Preempt research team found two critical Microsoft vulnerabilities, stemming from three logical flaws in NTLM, Microsoft’s authentication protocol. The vulnerabilities’ potential outcome is allowing remote execution of malicious code

    Read More
  • DejaBlue? Not again!

    Microsoft published seven new Windows vulnerabilities originating, again, in the Remote Desktop Protocol (RDP). As the name hints, DejaBlue, similarly to BlueKeep, has the potential to create a worm that may

    Read More
  • Understanding Capital One Breach

    A major security breach of a Capital One database compromised 140,000 Social Security numbers, 80,000 bank account numbers and one million Canadian Social Insurance numbers. The breach’s costs are expected to be

    Read More
  • Detecting DDoS attack

    Distributed Denial of Service (DDoS) attacks are already ‘permanent residents’ in the cybersecurity statistics, but as time goes by their complexity, sophistication, and duration increase. Here are some interesting statistics on

    Read More
  • Clarifying APRA CPS 234

    The Australian Prudential Regulation Authority (APRA) is responsible for regulating Australia’s financial bodies such as banks, insurance, and superannuation companies. As a result of the growing amount of information on

    Read More
  • Sodinokibi ransomware - MSPs and client’s point of view

    Hackers breached MSPs and used the Webroot console to infect PCs with Sodinokibi ransomware. The infrastructure of at least three MSPs has been breached in order to access and deploy ransomware

    Read More