CyberSec Bites

Is there a threat in the cloud?Have you ever asked yourself why there are so many news articles describing identity theft, business email compromises, phishing campaigns, deepfakes, and so on? The reason behind this is the shift in the IT field and the introduction of the cloud.In the past, all employees came to work in the company building where they had a computer with pre-installed applications and all resources they accessed were most frequently located in the basement of the same building. At the same time, there was also a limited number of servers exposed to the internet. Therefore, few options for threat actors to penetrate the premises of the organization. If you secured the applications opened to the internet and configured the firewalls, your business was mostly secure from cybercriminals.In the last few years and especially in 2020, we witnessed a major shift towards the cloud. In the context of cybersecurity and threats, this caused a shift in the paradigm. Suddenly, we accessed corporate resources remotely, outside of the haven of corporate network, over the (unsecure) internet. Our identities were no longer limited to on-premises environments. We obtained cloud identities. That is why your focus as a business or security professional should also change from on-premises oriented security to identity-oriented security. The most important phrase to remember is: “Do not trust, always verify”.

Cybersecurity analysts have already identified malware that was specifically developed to attack Ukraine. HermeticWiper or Whisper Gate malware is known and being used in cyberwarfare.Do these technologies also pose a threat to entities that have nothing to do with the war? What is the risk for organizations if/when cybercriminals get their hands on the aforementioned or similar malware? Should you do something about it?Jan Bervar and David Kasabji, security experts from Conscia Group, presented the latest cyberwarfare threat intelligence. They also explained how to use these findings to improve your cyberdefenses.Visit nil.com to learn more

Jakob Premrn, CySA+, CCNP, Security+, RHCSA, is a cybersecurity analyst at NIL´s Security Operations Center (SOC). He mostly deals with security incidents. He is an expert for the SIEM, NDR, and EDR tools. He specializes in Microsoft technologies, but he also deals with developing and testing new technologies at SOC.More informationTo learn more about NIL`s SOC services, visit this webpage.To learn more about NIL, visit nil.com