Help Center Logpoint Docs Idea Portal Logpoint.com

Emerging Threats - How can you protect your company and your customers?

How can you protect your company and your customers?

  • 6 Topics
  • 0 Replies

6 Topics

N
Nanna Dalbjørn SkovCommunity Manager
posted in Emerging Threats - How can you protect your company and your customers?

Insidious Nightmares: Automating Employee Onboarding and Off-boarding

🔐 Goodbyes can harbor unforeseen risks, especially when departing employees possess crucial access and knowledge. Meet the "Lord Darths" of the corporate world—ex-employees with potent technical admin privileges, driven by motives to harm or exploit. Insider threats are real, and their impact can be substantial.Consider the alarming history of insider threat cases; these individuals, armed with expertise and access, pose a considerable risk. Managing the employee lifecycle is pivotal and include everything from onboarding, retention, development, recognition, and exit. Our latest blog uncovers the critical stages of onboarding and exit - Check out the blog by Logpoint Security Analyst, Roshan Bhandari, on our website here or read key insights below:  Insights into Insider Threats Staggeringly, 74% of respondents to a survey feel moderate to extremely vulnerable to insider threats. The most critical impacts of insider attacks were loss of critical data (45%), brand damage (43%), and 

0
N
3 months ago
N
Nanna Dalbjørn SkovCommunity Manager
published in Emerging Threats - How can you protect your company and your customers?

Phishing and Quishing – Email Investigation and Response Using LogpointBlog

Email has become an indispensable part of our lives, and the need for heightened cybersecurity awareness has never been more critical. Phishing attacks are among the most common and insidious threats to our online security. Here are some eye-opening facts that underscore the extent of this global issue. 💰 Shockingly, cybercriminals invest significant sums daily, ranging from $200 to $1000, to orchestrate intricate phishing campaigns, underscoring the immense resources allocated to compromising your security. 🔐 Disturbingly, statistics reveal that over the past six months, users reported phishing attempts only 11.3% of the time. This alarming figure highlights the need for proactive measures against these threats, as a significant number of malicious attempts go unreported. 🚫 The good news is that tech giants like Google are at the forefront of the fight against phishing. They actively thwart around 100 million phishing emails daily, providing a robust defense against these nefarious

190
N
5 months ago
N
Nanna Dalbjørn SkovCommunity Manager
published in Emerging Threats - How can you protect your company and your customers?

Unmasking APT29: The Elusive Cozy Bear Cyber Threat

Warning! Detect, respond, and manage this active ransomware with Converegd SIEM, AgentX, and SOAR automation playbooks. Emerging Threats Protection ReportNot Too Cozy: Cozy Bear What you get: Introduction to Cozy Bear  Free download report from our Security Research team.  Playbooks: Automate your way to protecting against Cozy Bear. How can you leverage your Converged SIEM against Cozy Bear? Download the report.Here is why this is important. Some Cozy Bear background info: Fast Facts:🔍 Aliases: The Dukes, APT-29, Cozy Bear, or Nobelium - whatever you call them, they're the same. We'll use these aliases interchangeably throughout the blog and report.🌐 A Notorious Background: The Dukes, believed to be linked to Russia's Foreign Intelligence Service (SVR), are a formidable cyber espionage group. Their targets? Governments, NGOs, businesses, think tanks, and other high-profile entities through sophisticated spear-phishing campaigns.🤺 Unconventional Tactics: The Dukes are known for thei

250
N
5 months ago
N
Nanna Dalbjørn SkovCommunity Manager
published in Emerging Threats - How can you protect your company and your customers?

WinRAR – Decompression or Arbitrary Code Execution

Fast Facts With over 500 million users worldwide, WinRAR is the world’s most popular compression tool! CVE-2023-38831, named ‘RARLAB WinRAR Code Execution Vulnerability is an arbitrary code execution vulnerability on WinRAR, with a CVSS score of 7.8 CVE-2023-38831 vulnerability has been patched in the latest version of WinRAR and the vulnerability resides on versions prior to 6.23. Threat Actors have been targeting this vulnerability to deliver malware such as Agent Tesla, GuLoader, Remcos, and Darkme.  Curious to read more and understand how Logpoint’s platform can assists analysts in detecting and responding to security issues? Read the full article on Logpoint’s blog here:  WinRAR – Decompression or Arbitrary Code Execution 

140
N
6 months ago
N
Nanna Dalbjørn SkovCommunity Manager
published in Emerging Threats - How can you protect your company and your customers?

Warning! Detect, respond, and manage this active ransomware with Converegd SIEM, AgentX, and SOAR automation playbooks.Blog

What you get: Introduction to Akira ransomware via blog. Free download report from our Security Research team.  Playbooks: Automate your way to protecting against Akira. How can you leverage your Converged SIEM against Akira? Download the report.Here is why this is important. Some Akira background info: Emerging Threat: Akira, Not a CyberPunk Movie – A Very Real Ransomware Threat Fast Facts Emerging in March 2023, Akira ransomware has been grabbing daily headlines with its relentless and perilous assaults, leaving a trail of mounting victims. Akira is actively targeting Cisco ASA VPNs without multi-factor authentication to exploit CVE-2023-20269 as an entry point for their ransomware. Akira was among the Top 10 Ransomware groups in August 2023, with no indication of slowing down. Not only Windows, but the Akira variant can also infect Linux systems As of September 6, 2023, they have successfully struck 110 victims, including big-name organizations such as Quality Assistance Lea

370
N
7 months ago
N
Nanna Dalbjørn SkovCommunity Manager
published in Emerging Threats - How can you protect your company and your customers?

Defending Against 8base: Uncovering Their Arsenal and Crafting Responses

The 8Base ransomware group initially surfaced on the cyber threat landscape in March 2022, and their activities significantly increased in June 2023. They notably target small and medium-scale industries. While their actions began in March 2022, it wasn't until May 2023 that a substantial increase in their activities became apparent. This placed them among the top 5 most active ransomware groups in both June and July 2023.In the realm of ransomware activities, our focus has unwaveringly remained on various groups and their activities. As the calendar rolled into July, the emergence of the 8Base group took a significant turn as it secured the 3rd position among the top 5 ransomware groups. As it continues to widen its range of victims and expand its operations, the group poses a growing threat solidifying its position as a potent adversary in the ever-changing cyber threat landscape.In the report you can read more about the Logpoint Emerging Threats Protection as well as recommendations

100
N
8 months ago

Badge winners

Show all badges
Terms & ConditionsCookie settings