Orenda Security LLC

It's not about FUD, it's about a reminder of potential impact of an incident. ➡️ Ransomware attack cost IKEA operator in Eastern Europe $23 million 💡 This information is a good KPI for board member to have a risk quantification idea in regards to potential incident. Of course, you can scale it according to your business size. ✔️ This should help you validating your risk management approach, with proper measure to contain a potential incident with effective security controls. ➡️ Whatever your environment is, cloud based, endpoints, industrial and critical systems ? All environment can benefit from best practices, good security architecture and regular assessments. #cybersecurity #riskmanagement #technology #cloud #incidentreponse #pentesting https://lnkd.in/dpzF5qYb

Have you already taken action to protect your organization from Quantum threat on traditional encryption ? ➡️ OpenSSL prepares for a quantum future with 3.5.0 release Good news is that standards are evolving to support your organization toward more resilience against evolving technology. Part of your security assessment should include the threat of Quantum computing, and while not yet practically in action, it's a great time to work on your organization readiness against it. #cybersecurity #openssl #tls https://lnkd.in/eCDxp9vD

Security posture and architecture is an essential element of your organization resilience, especially when uncertainty is floating around. ➡️ Sakura RAT Released on GitHub Can Bypass Antivirus and EDR Tools 💡 Sakura RAT is an advanced remote administration tool bundled with several potent features that make it exceptionally stealthy and effective. This is not a unique tool allowing to bypass security tools, but this one is openly freely available. Awareness is key to build better defenses against such tools. #cybersecurity #github #RAT #malware #threatintelligence #pentesting https://lnkd.in/eDWFpmAV

While complex hacks and attacks make the headline, a lot of incident still come from basic attacks, through emails and phishing. 💡 Malicious PDFs Responsible for 22% of All Email-Based Cyber Threats Malicious PDF files have become a dominant threat vector in email-based cyberattacks, accounting for 22% of all malicious attachments. ➡️ The complexity and trusted reputation of PDFs make them a prime target for cybercriminals, who exploit vulnerabilities to bypass security measures and evade detection. Cybercriminals are using sophisticated evasion techniques, such as URL evasion, file obfuscation, and machine learning manipulation, to hide malicious content within PDFs and bypass next-gen security measures. Organization must combine awareness training with advanced security controls to reduce the likelihood of an incident. #cybersecurity #emailsecurity #PDF #threatintelligence https://lnkd.in/gZ2BJ3Sv

The kill chain is always made of multiple assets, from compromised environment to spreading the payload on other targets. ➡️ FIN7 Deploys Anubis Backdoor to Hijack Windows Systems via Compromised SharePoint Sites While the technical details of the techniques and procedures involved base64 encoding and python scripts, the source is corrupted online services. This is why it is critical for all organizations to properly implement their security controls. As more organization have migrated to cloud based environment, continuous security posture audit is key. Cloud has been find heavily targeted to support cyber criminals, due to misconfigurations and high connectivity. Have you the proper controls in placed ? Cloud security posture review, endpoint detection and response with proper policies to ensure mitigation when a payload is delivered ? #cybersecurity #cloud #threatintelligence https://lnkd.in/gFRFhU_9

Assessing your cloud security posture is critical, especially to cover your part of the responsibility in the public cloud model. 𝟓 𝐈𝐦𝐩𝐚𝐜𝐭𝐟𝐮𝐥 𝐀𝐖𝐒 𝐕𝐮𝐥𝐧𝐞𝐫𝐚𝐛𝐢𝐥𝐢𝐭𝐢𝐞𝐬 𝐘𝐨𝐮'𝐫𝐞 𝐑𝐞𝐬𝐩𝐨𝐧𝐬𝐢𝐛𝐥𝐞 𝐅𝐨𝐫 While the linked article brings 5 interesting points, it also shows that you can't fly blind in your cloud environment. You need to have solutions that bring an holistic view, and ideally, a first time complete posture assessment. This will help your organization establish a baseline, and from there, maintain your security posture over time. #cybersecurity #cloud #cloudsecurity #governance #AWS https://lnkd.in/gtWCzifZ

Healthcare cyber security is sadly in close to the state as critical infrastructure security. It needs to catch up a lot, as the systems and their architectures were not designed to be exposed on large networks. ➡️ Healthcare’s alarming cybersecurity reality As digital transformation is still accelerating on a side, the expansion of the attack surface jeopardize the security and safety of critical and medical connected infrastructure. When applying any changes to such environments, or adding connectivity, risk and security assessments are key. #cybersecurity #criticalinfrastructure #iot #IIOT https://lnkd.in/eGnvMQyH

New persistence strategy appeared in #NPM software supply chain poisoning. Two malicious packages, ethers-provider2 and ethers-providerz, were found on npm registry, designed to infect locally installed packages. The packages used simple downloaders with hidden malicious payloads and patched (with malware) other legitimate packages to serve reverse shells. Uninstalling the rogue packages won't remove compromised machines of malicious functionality since changes reside in popular libraries through the lateral infection. Removing one package risks reinfection when it's installed again at a later time. The attack demonstrates novel ways threat actors are serving and persisting malware in developer systems, highlighting the need for careful scrutiny of open-source packages. Securing and auditing your software supply chain becomes a bit more complex, with the need for stronger continuous control. #cybersecurity #softwaresupplychain #devops #sbom Link to articles related to this information to be added in comments.

Infrastructure security requires an holistic view, as threats are targeting organizations in many forms. ➡️ FBI warnings are true—fake file converters do push malware ⚠️ FBI warns about fake online document converters being used to steal information and deploy ransomware. These scams use free online tools to load malware onto victims' computers, leading to incidents like ransomware. Cybercriminals create websites promoting these tools, claiming to convert files or combine them, but the resulting file may contain hidden malware. Users should research and review online file converters before using them, as some may be malicious. Always check with your IT service or provider when you want to install or use a new solutions. #cybersecurity #malware #threatintelligence Link to related article to be posted in comment.

Two critical-rated security flaws in Cisco Smart Licensing Utility have been patched and are being actively exploited by unknown threat actors. The vulnerabilities, CVE-2024-20439 and CVE-2024-20440, allow attackers to log in with administrative privileges and access sensitive data. Cisco has already released patches for versions 2.0.0, 2.1.0, and 2.2.0, but users are advised to apply the patches for optimal protection due to ongoing active exploitation. Threat actors are also exploiting other known flaws, including CVE-2024-0305, in addition to the newly discovered vulnerabilities. The end goal of the campaign is currently unknown, but it's essential to prioritize patching the affected software to prevent potential damage. #cybersecurity #patchmanagement #cisco Link to an article on the topic to be added in comments.