China Cyber Threat Defense – Today and in the Months Ahead

china cybersecurity

In 2021, the White House Briefing Room issued a statement attributing malicious cyber activity and threats to the People’s Republic of China. In the statement, China was accused of using “criminal contract hackers to conduct unsanctioned cyber operations globally.” The activities of these Chinese hackers include ransomware attacks, cyber-enabled extortion, crypto-jacking, and theft. One of […]

Everything You Need to Know About Apache Log4J

log4j vulnerability

Update 14th January While the Log4j shell vulnerability surfaced a month ago, it is still being exploited in the wild. Attackers are utilizing it to gain remote code execution (RCE), enabling the deployment of ransomware, crypto miners, and the access of unauthorized systems and data. Exploitation remains simple, allowing attackers to get full control without […]

Proactively Securing Your Enterprise Cloud

cloud security

Somewhere right now, sitting in front of a bank of computer screens in Russia, China, or even in the United States, is a band of cyber-criminals planning a nation-state grade attack. If they haven’t attacked your network yet, it’s just a matter of time. Taking proactive steps to secure your enterprise cloud now will give […]

Weekly Cyber Breakdown

With so much information out there it’s good to know what is top of mind for other industry professionals. We’ll be updating this blog on a weekly basis with the top 10 articles and newsworthy topics in cybersecurity. This is a repository of top trends based on what industry leaders have been discussing most. Think […]

Ransomware: 7 Steps to Take Right Now to Become Ransomware Resilient

fighting ransomware

In our previous blog, we discusses the infamous question of “to pay, or not to pay?” when a network is hit by ransomware. But what about BEFORE the attack happens? In order to do that we need to talk about being ransomware resilient. What does it mean to be resilient? Being resilient means that a […]

Ransomware: To pay or not to pay, that is the question

paying ransomware

State of the ransomware attack. The good, the bad and the ugly… In some ways, the devastating ransomware attacks of the last two years have empowered security officers to obtain the budgets they need to upgrade their organizations’ cybersecurity preparedness and establish more robust security programs to cover people, technology, and procedures. The brazen nation-state […]

5 Core Elements of an Effective Cybersecurity Strategy for CISOs

cybersecurity strategy

There is no “one size fits all” when it comes to cybersecurity. Over the last six months, we have seen an escalation in the number of reported cyberattacks, in their range, sophistication and in their long-lasting impact on businesses such as the Colonial Pipeline attack, and SolarWinds to name just two. These events obviously highlight […]

The 20-Year Evolution of Nation-State Grade Cyber Attacks and Its Impact on Enterprises Today

20-Year Evolution of Nation-State Grade Cyber Attacks

Gone are the days where nation-state-grade cyberattacks were the exclusive activity of state actors against state targets. Today, the situation has shifted. Nation-state-grade cyberattacks are still dominated by state actors, but increasingly, non-state attackers purchasing nation-state-grade cyberattack tools on the Darknet, are also leading cyberattacks against private enterprises and even targeting private citizens.    Nation-state-grade […]

Why Should Nation-State Grade Attacks Be The Focal Point of Your Cybersecurity Strategy?

nation-state attacks

Anatomy of a nation-state grade attack The 2020 Solar Winds attack, believed to have been launched by Russia’s Cozy Bear (AKA APT29), a Russian hacker group reputedly associated with Russian agencies such as FSB and/or SVR, was a nation-state grade attack. It stealthily “trojanized” an update of SolarWinds’ Orion, an infrastructure monitoring and management software […]