Thought Leadership

Home|Thought Leadership

Report: Ransomware Attacks Doubled Between 2020, 2021

A recent analysis from the U.S. Treasury Department’s Financial Crimes Enforcement Network (FinCEN) found that ransomware attacks doubled between 2020 and 2021, including a disproportionately large spike coming from Russia. Ransomware is malicious software that encrypts a victim’s files and holds the data hostage until a ransom is paid, typically through cryptocurrency.

2022-11-08T17:19:21+00:00November 8th, 2022|Thought Leadership|

Microsoft Discloses Two New Active MS Exchange Zero-Day Bugs, No Immediate Fix

On Thursday, September 29th, Microsoft publicly disclosed two unpatched vulnerabilities impacting on-premises Microsoft Exchange servers that were capable of granting remote access to threat actors. These zero-day vulnerabilities have been identified as CVE-2022-41040, which is a Server-Side Request Forgery (SSRF) vulnerability, and CVE-2022-41082, which allows remote code execution (RCE) when PowerShell is accessible to the attacker.

2022-09-30T15:26:39+00:00September 30th, 2022|Thought Leadership|

How The Defense in Depth Strategy Protects Organizations

Contrary to the promises of the various security appliance providers, there is no single solution in information security to defend against the various attack vectors available to threat actors (TAs). However, we recommend that businesses adopt Defense in Depth, a strategy of applying multiple layers of defensive mechanisms to better protect an organizations’ valuable

2022-09-28T17:39:36+00:00September 28th, 2022|Thought Leadership|

Why Social Media Data Will Play A Bigger Role in Digital Forensic Investigations

As a digital forensics and incident response (DFIR) firm, BinaryLab has conducted numerous investigations to provide stakeholders with timeline and root cause analysis for issues ranging from business email compromise up to ransomware attacks. An oft-forgotten area of concern, however, is social media. Social media channels can be a stand-alone area of investigation

2022-09-30T15:18:10+00:00July 26th, 2022|Thought Leadership|

Hackers Exploit Critical Atlassian Confluence Flaw

Researchers have discovered an unauthenticated Remote Code Execution (RCE) flaw, which is being tracked as CVE-2022-26134 and can compromise even the most up-to-date, patched version of Atlassian’s Confluence Server solution. On June 2nd, Atlassian released an advisory stating that versions of Confluence Server and Data Center 7.4.0 and higher are potentially vulnerable. Security

2022-06-03T21:56:20+00:00June 3rd, 2022|Thought Leadership|

What You Need to Know About the Strengthening American Cybersecurity Act

In the wake of the Russian military invasion of Ukraine, fear of cyberwarfare has risen among the American public, many of whom still have the Colonial Pipeline ransomware attack fresh on their minds. In response, the U.S. government is seeking not only to address these events, but also to raise awareness and security compliance

2022-04-19T19:22:32+00:00April 19th, 2022|Thought Leadership|

What the Recent Okta Compromise Could Mean for You and Your Business

Okta, a massively popular company which provides identity and access management (IAM) services to clients worldwide, was recently targeted by threat actor Lapsus$. The compromise of Okta and other providers of IAM services is highly sensitive and potentially far-reaching as Okta’s IAM services alone allow approximately 15,000 companies to securely log into multiple

2022-04-07T20:00:33+00:00April 7th, 2022|Thought Leadership|

Cybersecurity Capability Maturity Model Breakdown: Part 1

At BinaryShield, it is our philosophy that custom-tailored, proactive solutions that align with best security practices and regulatory frameworks are the best methods to address people, technologies, and facilities to provide actionable cybersecurity strategies. One such framework, which has garnered significant attention due to its complexity and transformative nature, is the Cybersecurity Capability Maturity

2022-02-10T15:20:55+00:00February 10th, 2022|Thought Leadership|

D.C. and Data Breaches: What You Need to Know

The ubiquity of concerted campaigns through phishing and various other methods of malware deployment have led to individuals, small and midsized businesses (SMBs), and the largest companies worldwide to deal with the brutal impact of a data breach on daily operations. This pervasiveness is understood to occur due to the low-risk, high-reward ecosystem in

2022-02-08T18:22:11+00:00February 8th, 2022|Thought Leadership|

The Dangers of Consent Phishing

Cyber incidents often rely on human engagement to enable malware. Despite deploying security controls on the user’s account, target environment, and device, additional emerging threats may occur which require both users and enterprise administrators to put safeguards in place to mitigate the impact. The purpose of this blog is to analyze and mitigate

2022-02-03T22:04:17+00:00February 3rd, 2022|Thought Leadership|
Go to Top