What does it take to go from Cybersecurity to Cyber resilience

As the threat landscape grows in complexity and moves at a far greater pace, companies are now coming to realize that achieving complete cybersecurity is practically impossible. Cyberattacks are not a question of ‘if’ but ‘when’. Many organizational infrastructures today are rapidly and intensely connected to the internet. Security managers face more challenges in protecting data and applications against malicious attackers. …

Can we disable ransomware launched as a SYSTEM on thousands of machines at the same time?

Cybercriminals Don’t Take a Break

As everyone knows, there is currently a resurgence of ransomware attacks all over the world. Cyber criminals have not made a truce despite the Covid-19 pandemic, and some do not seem to have taken any time off during the current summer. From an intelligence and cyber point of view, it is very interesting …

SIGRed vulnerability

A vulnerability named SIGRed and numbered CVE-2020-1350 was discovered in May 2020 by the Check Point Security Research Team.

RISKS

- Remote code execution
- Server compromise
- Data exfiltration

AFFECTED SYSTEMS

The following server versions are affected (when the DNS service is activated):

- Windows Server 2008 for 32-bit Systems Service Pack 2
- Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
- Windows Server 2008 for x64-based Systems Service Pack 2
- Windows Server 2008 …

EUROPEAN NETWORK SENSORS

When reviewing logs from a company, TEHTRIS CERT found multiple instances where an IP address had been trying to contact sensitive servers. Since these servers were unknown to open source databases, an investigation was conducted to understand how a potential attacker could identify the IP addresses of the company’s sensitive servers.

Approach

In order to determine the potential impact as soon as possible, we made assumptions based on: the nature of the …

Handling and Halting the Cybercriminality Pandemic with Data

Data is a necessary evil when it comes to our new world that’s run by technology. It’s both an opportunity as well as a risk for most businesses. Anyone who has anything to do with cybersecurity knows about big data. There is technology that allows us to mine enormous data sets and analyze them to find patterns and behavioral trends. Big data is collected from a wide …

Monitoring Worldwide Cyber Attacks with Data-driven Honeypots

Honeypots to delude attackers and record suspicious activities

Honeypots have been around for decades and are now recognized as an effective way to catch cyber criminals right in the middle of their act. We can define honeypots as virtual machines that are set up on computers of an organization and made to simulate any other legitimate machine. They are generally installed with the same set of services and …

TEHTRIS Updates, June 2020: Data for Cybersecurity

Context

At TEHTRIS, we strongly believe that innovation is extremely important in cybersecurity. We place it at the heart of all our concerns, which results in major updates every 4 months. We have created a regular cycle of innovation, while maintaining a certain flexibility and adaptability to further develop our technologies. Today, as cyberattacks are increasingly sophisticated and can have a considerable impact on organizations, it is more …

Uncovering Attackers and Anomalies Faster with Data-led Cybersecurity

Organizations are now facing an increasing set of cyberattacks from various places. Cybercriminals don’t just cost a business hard-earned cash; they can also ruin its reputation, causing distrust among its existing, past, and potential customers. Cybersecurity experts are constantly trying to keep up with attackers and the changing landscape of our new reality. Meanwhile, attackers continue to target large organizations with remote workers housed in insufficiently …

UPnP CallStranger vulnerability

RISKS

- Remote code execution
- Data exfiltration
- Involuntary participation in a DDoS attack

AFFECTED SYSTEMS

Systems whose vulnerability is confirmed (list being updated):

- Windows 10 – upnphost.dll 10.0.18362.719
- Xbox One – OS Version 10.0.19041.2494
- ADB TNR-5720SX Box (TNR-5720SX/v16.4-rc-371-gf5e2289 UPnP/1.0 BH-upnpdev/2.0)
- Asus ASUS Media Streamer
- Asus Rt-N11
- Belkin WeMo
- Broadcom ADSL Modems
- Canon Canon SELPHY CP1200 Printer
- Cisco X1000 – (LINUX/2.4 UPnP/1.0 BRCM400/1.0)
- Cisco X3500 – (LINUX/2.4 UPnP/1.0 BRCM400/1.0)
- D-Link DVG-N5412SP WPS Router (OS 1.0 UPnP/1.0 …

Data-driven Cybersecurity: Unraveling Insights for Better IT Security

In traditional cybersecurity arrangements, data had little to no role to play. It was managed in an ad hoc manner and manually handled by security analysts. However, as cybersecurity attacks increased in volume and complexity, such conventional approaches met limitations in mitigating threats and reducing their risks to businesses and organizations. As a result, the cybersecurity systems of today and tomorrow have become more flexible and efficient …