Blogs Archives

Blog

Stolen Credentials: The Number One Breach Vector and the Underground Economy Behind It

5. Mar 2025

In recent years, stolen login credentials have become the top initial attack vector in cyber breaches, eclipsing other tactics like phishing or malware exploits. Multiple cybersecurity reports confirm that most...

Blog

Important Update for All Using Certificates for Single Sign-On

21. Jan 2025

Do you use Kerberos SSO with certificate-based authentication (CBA), e.g., for validating intranet and file/print servers? If so,...

Blog

Offensive Security and Cyber Threat Intelligence: The Dynamic Duo Against Adversaries

19. Dec 2024

In an age where cyber threats evolve faster than ever, traditional approaches to security often fall short. Firewalls,...

Blog

10 Secure online shopping tips for the Christmas season

6. Dec 2024

The holiday season is upon us, and alongside the magic of Christmas comes the pressure of secure online...

Blog

Protecting Your Business from Supply-Chain Attacks: What to Do When Third Parties Are Breached

17. Oct 2024

In today’s interconnected digital ecosystem, businesses rely heavily on third-party vendors for various tools, technologies, and services. While...

Blog

Cybersecurity Starts at Home: A Call to IT Professionals

26. Sep 2024

As IT professionals, we are responsible for ensuring that our family, friends, and neighbors don’t become victims of...

Blog

Would you like to plan your day around Patch Tuesday?

26. Sep 2024

I’ve trimmed my hedge three times this year. That’s not something I usually do. Typically, I have a...

Blog

Microsoft to Require MFA for Azure Portal, Entra Admin Center, and Intune Admin Center – Are You Ready?

17. Sep 2024

Starting October 15, 2024, Microsoft will require Multi-Factor Authentication (MFA) for all sign-ins to Azure Portal, Microsoft Entra...

Blog

Urgent update Palo Alto Networks NGFW

20. Feb 2024

Palo Alto Networks are currently facing an expiration issue with a Palo Alto Networks certificate expiration on April...

Blog

DFVU Data Breach: A Comprehensive Analysis and Preventive Strategies

29. Jan 2024

In a significant cybersecurity incident, Slovenian retailer DFVU, which operates brands such as S-mania, Layoners, Mazzaci, and RedLynx,...

Blog

The Stealthy Cyber Threat: Abuse of GitHub for Malicious Purposes

11. Jan 2024

In the evolving landscape of cybersecurity threats, GitHub, a popular collaborative coding and version control platform, has emerged...

Blog

Understanding the Risks of Unprompted One-Time Passcodes in Cybersecurity

22. Dec 2023

In the dynamic world of cybersecurity, understanding the implications of receiving an unprompted one-time passcode (OTP) is crucial. This occurrence...

Blog

How Cybercriminals Exploit Legitimate Internet Services for Malicious Purposes

2. Nov 2023

Cybercriminals increasingly manipulate reputable platforms such as Google Drive, OneDrive, Notion, and GitHub to camouflage their malicious activities...

Blog

New Critical Vulnerability in Cisco IOS XE Software Poses Cybersecurity Concerns

18. Oct 2023

CVE-2023-20198 vulnerability affects physical and virtual devices running Cisco IOS XE software with the HTTP or HTTPS Server...

Blog

Enumeration Attacks: A Deep Dive into Threat Actors Generating Valid Payment Data

11. Oct 2023

Enumeration attacks, especially banking identification number (BIN) generation attacks, enable threat actors to produce and validate payment card numbers. These...

Blog

Adversary-In-The-Middle Attack (AiTM): A novel way to evade MFA

5. Oct 2023

In the vast realm of cyber threats, a relatively newer but impactful method has emerged: Adversary In the...

Blog

Understanding Vulnerability Lifecycle to Better Combat Exploits

21. Sep 2023

If you care about cybersecurity, you surely have heard the term ‘software vulnerability.’ But it can quickly happen...

Blog

CL0P Group – Analysis of European’s rising ransomware threat

21. Sep 2023

If you were following trends in the cyber threat landscape for the past few months, or actually the...

Blog

A look into Living off the Land adversarial technique

1. Sep 2023

Recently, you may have noticed several cybersecurity news sites citing Microsoft’s article on Flax Typhoon’s (threat actors) stealthiness while performing...

Blog

Diligent Management and Cybersecurity

17. Feb 2023

Leadership should be familiar with and understand cyber risks and their management, even though they may not have...

Blog

How could AI simplify malware attacks, and why is this worrying?

26. Jan 2023

AI can simplify malware attacks, lowering costs, giving cybercriminals an advantage over insufficiently secured targets.

Blog

Three Lessons for Better Cybersecurity in 2023

20. Dec 2022

From the point of view of Conscia's Security Operations Center (SOC), 2022 confirmed the fact that managing cyber...

Blog

Digital Forensics: Discovering Threat Actor’s traces using Recycle Bin

12. Dec 2022

Criminals don't like to leave traces. In the cyber world, that means deleting their malicious software from your...

Blog

Season’s Greetings from Cybercriminals

25. Nov 2022

Cybercrime is on the rise during the holiday season. Cybercriminals take advantage of Black Friday, Cyber Monday, and...

Blog

Phishing as a Service (PHaaS) – an Effective Attack Vector for All Threat Actors

25. Nov 2022

Phishing has professionalized. It is literally available to criminals in a »as a service« model, and the most...

Blog

Remote Desktop Applications` Security

13. Nov 2022

Remote Desktop Applications (RDA) usage is growing and with that the importance of keeping them secure. Learn about...

Blog

New 0-day vulnerabilities in Microsoft Exchange Server actively exploited

30. Sep 2022

Two reported 0-day vulnerabilities affecting Microsoft Exchange Server 2013, 2016, and 2019 (on-prem) tracked as CVE-2022-41040 and CVE-2022-41082...

Blog

Insider Threats: What are they and how to mitigate them

20. Sep 2022

Organizations' own personnel pose one of the biggest threats to their security. Read the article to learn how...

Blog

The Importance of Identity-Oriented Cybersecurity

14. Sep 2022

Why should you re-focus your cyber defense from on-premises security to identity-oriented security? Read the article and learn...

Blog

How to detect Malware Persistency (part 1)

26. Aug 2022

Malware persistency is a mechanism adversaries use to ensure foothold in a breached environment. Read the article to...