A previously unknown threat group known as “Sandman” is making its presence felt. The group uses a modular information-stealing malware called “LuaDream” to target telecommunication service providers in the Middle East, Western Europe, and South Asia. Sandman: How This New…
Category: Heimdal Security Blog
Computer Security Incident Response Team (CSIRT): How to Build One
According to the World Economic Forum, “widespread cybercrime and cyber insecurity” is rated as one of the greatest worldwide dangers for the following two and ten years. This means that your organization needs to constantly improve its cybersecurity posture. A…
International Criminal Court Reveals System Breach and Plans to Bolster Security
The International Criminal Court (ICC) announced on September 19th that hackers breached their computer systems. ICC storages highly sensitive information about war crimes and is thus one of the world`s most important public institutions. What We Know About the ICC…
Critical GitLab Pipeline Vulnerability Revealed. Users are urged to patch immediately
GitLab disclosed critical vulnerability that enables hackers to run pipelines as other users by leveraging scheduled security scan policies. The platform issued an advisory and urged users to apply available updates as soon as possible. The GitLab pipeline vulnerability was…
Improper Usage of SAS Token Leads to Massive Microsoft Data Leakage
Microsoft researchers leaked 38TB of sensitive data to a public GitHub repository while training open-source AI learning models. The Microsoft data leakage occurred starting July 2020 and white hat hackers only discovered and reported it on June 22nd, 2023. Consequently,…
Cryptocurrency Scams to Heavily Target TikTok Users
Cybercriminals heavily target TikTok users with cryptocurrency giveaway scams. The vast majority of the posts impersonate Elon Musk and relate to Tesla or SpaceX. These types of posts have been on other social media platforms – Instagram and Twitter –…
EDR for Banking: 6 Ways EDR Can Help Financial Organizations
There are financial advantages to investing in cybersecurity, especially in Endpoint Detection and Response (EDR) solutions. Breaching one financial institution can bring threat actors access to a variety of companies’ assets. That is because banks store money and data for…
Best Practices for Endpoint Security in Healthcare Institutions
While achieving compliance with industry standards is the minimum, it’s not enough to prevent insider threats, supply chain attacks, DDoS, or sophisticated cyberattacks such as double-extortion ransomware, phishing, business email compromise (BEC), info-stealing malware or attacks that leverage the domain…
How DNS Layer Security Stops Ransomware and Other Cyberattacks
DNS-Layer Security protects users from threats that arise from inbound and outbound traffic. It refers to monitoring communications between endpoints and the internet at a DNS-layer level. Imagine the DNS layer security as a gatekeeper who makes sure that all…
Two New York Hospitals Breached by the LockBit Ransomware Group
The notorious LockBit ransomware group claims to have breached two major hospitals from upstate New York, the Carthage Area Hospital and Claxton-Hepburn Medical Center. The two hospitals serve hundreds of thousands of patients. Details on the Attack: The Hospitals Are…