Iranian Nation-State APT Groups Black Bo' Leak Overview and Analysis of Exposed Documents: Targets, Plans, and Attack Vectors

May 9, 2019

First stage – attempting to breach the network via a social engineering attack. This attack was unsuccessful as the nobody opened the malicious file. Concurrently, breaching the Linux system used by the website and injecting a shell. Note however that the Linux system had limited capabilities (it is unclear what the attackers meant by this). After considerable efforts the attackers eventually were able to install a hydra system. Afterwards the attackers executed a successful brute force attack on the SMB systems.

Spotlight

Lieberman Software

Lieberman Software proactively mitigates cyber-attacks that bypass conventional enterprise defenses and penetrate the network perimeter. By delivering an adaptive identity threat response in real-time, the company continuously secures your environment, countering malicious attacks from the outside, and within. Customers who use the Lieberman Software Adaptive Privilege Management Platform to continuously change privileged credentials and SSH keys are no longer exposed to unbounded business risk caused by sophisticated attacks. That’s why the largest companies and governments across the globe trust Lieberman Software to secure their assets, protect their finances, and guard their reputation.

OTHER WHITEPAPERS
news image

Security Pillar AWS Well-Architected Framework

whitePaper | October 18, 2022

Amazon's trademarks and trade dress may not be used in connection with any product or service that is not Amazon's, in any manner that is likely to cause confusion among customers, or in any manner that disparages or discredits Amazon. All other trademarks not owned by Amazon are the property of their respective owners, who may or may not be affiliated with, connected to, or sponsored by Amazon.

Read More
news image

Embracing Security Operations in the Educational Sector

whitePaper | December 22, 2022

Nearly every part of the educational sector has fallen victim to a cyberattack, from elementary schools to universities. Securing education is no longer a “nice to have” but a “must do” and is a growing concern among the global educational community. Creating and maintaining effective information security and cybersecurity operations in education comes down to people, processes, and tools. It’s crucial for IT and security leaders across the entire spectrum of educational institutions to find the right balance between the three. While there are success stories of achieving that balance, there’s always more to do to identify, understand, and mitigate cybersecurity risks to these organizations. Establishing and improving existing cybersecurity operations must become a priority.

Read More
news image

Madcap Central Security Whitepaper

whitePaper | February 8, 2023

MadCap Central leverages the security, power, and flexibility of the cloud to mitigate or eliminate many of the technical hurdles faced by both content creators and information technology professionals. The overhead traditionally associated with managing complex systems can hinder the ability to create content and deliver content efficiently. The goal of this document is to provide a high-level overview of the ways that Central addresses these challenges.

Read More
news image

Sharkgate Whitepaper

whitePaper | December 11, 2019

SharkGate specializes in protecting websites and has geared up to build the next-generation of website cyber protection: SharkGate is creating the World’s first distributed ledger powered Cyber Security solution designed exclusively to protect websites against hackers. SharkGate is taking a new approach that will change website security as the industry knows it and make the next-generation of cyber protection available to all websites worldwide.

Read More
news image

Adobe Acrobat with Document Cloud Services Security Overview

whitePaper | October 26, 2022

At Adobe®, we know the security of your digital experiences is important. Security practices are deeply ingrained into our internal software development and operations processes and tools and are rigorously followed by our cross-functional teams to prevent, detect, and respond to incidents in an expedient manner.

Read More
news image

Guide to Cloud Security Posture Management Tools

whitePaper | June 16, 2023

Good cloud security hygiene starts with complete visibility into the security and compliance posture of every resource you deploy into your cloud. It’s one thing to achieve this visibility in a single cloud environment—you can lean heavily on the native monitoring and auditing tools of your cloud provider, using third-party solutions to fill in gaps (e.g., threat detection)—but in a multi-cloud architecture, maintaining robust cloud security posture becomes exponentially more complex. It is much more difficult to achieve centralized visibility as well as consistently enforce policies and compliance rules within a multi-cloud environment. It’s also more complicated to detect threats and fix vulnerabilities quickly due to the sheer complexity of threats across distributed, multilayered architectures. You can address these challenges, though—and you need to, if you want to take advantage of multi-cloud architecture without compromising on security.

Read More

Spotlight

Lieberman Software

Lieberman Software proactively mitigates cyber-attacks that bypass conventional enterprise defenses and penetrate the network perimeter. By delivering an adaptive identity threat response in real-time, the company continuously secures your environment, countering malicious attacks from the outside, and within. Customers who use the Lieberman Software Adaptive Privilege Management Platform to continuously change privileged credentials and SSH keys are no longer exposed to unbounded business risk caused by sophisticated attacks. That’s why the largest companies and governments across the globe trust Lieberman Software to secure their assets, protect their finances, and guard their reputation.

Events