Five Blind Spots That Leave You Open to Supply Chain Vulnerabilities
BrandPost ExtraHop

Five Blind Spots That Leave You Open to Supply Chain Vulnerabilities

It’s estimated by 2025, 45% of organizations worldwide will have experienced attacks on their software supply chain. Is your organization prepared?

Assessing Network Analysis and Visibility Solutions for Zero Trust
BrandPost ExtraHop

Assessing Network Analysis and Visibility Solutions for Zero Trust

The rising trend of zero trust implementation is a direct reaction to increasingly sophisticated cyberattacks. Zero-trust principles foster more effective threat detection because they reject the notion that security happens at the...

Beating Ransomware in the Midgame: Detection Best Practices in 2022
BrandPost ExtraHop

Beating Ransomware in the Midgame: Detection Best Practices in 2022

Ransomware varies in the type of encryption used, the scale of data encrypted, and their capacity to spread between computers. It has become increasingly sophisticated, with more advanced encryption, new vectors for infection, and the...

Detect and Stop Spring4Shell Exploitation
BrandPost ExtraHop

Detect and Stop Spring4Shell Exploitation

On March 29, 2022, ExtraHop's Threat Research team noticed social media chatter regarding a new remote code execution (RCE) vulnerability in the Spring Core Framework and began tracking the issue. Read on to uncover their findings,...

Shields Up: A CEO's Guidance for Corporate Leaders on Cybersecurity Readiness
BrandPost ExtraHop

Shields Up: A CEO's Guidance for Corporate Leaders on Cybersecurity Readiness

What CISA is asking on behalf of every CISO and every security practitioner is this: Cybersecurity is essential to your business, and we have reached a moment when it is at incredibly high risk. Give your security teams your full...

Practical Steps for Responding to the CISA Warning on Russian Cyber Attacks
BrandPost ExtraHop

Practical Steps for Responding to the CISA Warning on Russian Cyber Attacks

On February 25, 2022, two days after Russia began its military invasion of Ukraine, the U.S. Cybersecurity & Infrastructure Security Agency (CISA) issued a rare ‘Shields Up’ warning for U.S.-based organizations, stating: "Every...

New Gartner Report, Quick Answer: Ransomware — What Happens If You Pay?
BrandPost ExtraHop

New Gartner Report, Quick Answer: Ransomware — What Happens If You Pay?

There's one surefire way to end ransomware once and for all: Stop paying. If every organization that suffered a ransomware attack refused to pay up, the threats would lose their income stream, and the work would dry up leading to the...

What You Need to Know about BlackByte Ransomware as a Service
BrandPost ExtraHop

What You Need to Know about BlackByte Ransomware as a Service

The BlackByte playbook focuses on exploiting known vulnerabilities in public-facing server infrastructures. However, security teams have an opportunity to detect and respond to ongoing threats before they result in costly breaches.

Common Threats to Cloud Security
BrandPost ExtraHop

Common Threats to Cloud Security

Let's start with the elephant in the (Zoom) room: Work from home. It has pushed more organizations to the cloud and is increasing usage by those already there. That widespread adoption makes cloud more of a target for attackers, and...

Build Resilience Amid Rising Risk of Russian Cyberthreats
BrandPost ExtraHop

Build Resilience Amid Rising Risk of Russian Cyberthreats

Russian advanced persistent threat groups are known for using tactics that evade perimeter defenses—organizations must stay vigilant and use a layered security approach.

Detect Log4j Attacks Hiding in Encrypted Traffic
BrandPost ExtraHop

Detect Log4j Attacks Hiding in Encrypted Traffic

ExtraHop threat researchers have observed attackers in the wild using encrypted traffic to avoid detection of Log4Shell attacks. This is consistent with the general trend of cyberattackers using encryption as an evasion mechanism to...

How Ransomware Works and How to Prevent It
BrandPost ExtraHop

How Ransomware Works and How to Prevent It

Ransomware can strike any industry, from logistics and media companies to non-profit organizations and governments. Even hospitals are targets for ransomware, holding data and lives hostage.

IT in the Crosshairs of Modern Ransomware
BrandPost ExtraHop

IT in the Crosshairs of Modern Ransomware

The days of smash-and-grab cyberattacks are over. Instead, headline-making hits on Acer, JBS Foods, and Colonial Pipeline make it clear: We've entered a new, more sophisticated modern era of ransomware tactics.

New Ruling Sets Security Incident Notification Standards for Financial Organizations
BrandPost ExtraHop

New Ruling Sets Security Incident Notification Standards for Financial Organizations

A new rule issued by the OCC, Board of Governors of the Federal Reserve, and the FDIC requires banking organizations to notify federal regulators within 36 hours of certain security incidents. The ruling, titled Computer-Security...

When They're Already Inside the Walls: How to Detect and Stop Lateral Movement
BrandPost ExtraHop

When They're Already Inside the Walls: How to Detect and Stop Lateral Movement

You already have security tools meant to prevent attackers from getting into your environment, but what happens after they compromise one of your systems? It could happen many ways, and wise security professionals know that good...

Exchange Server Security Challenges Explained
BrandPost ExtraHop

Exchange Server Security Challenges Explained

Monitoring and securing Microsoft Exchange Server has its own set of unique challenges that administrators and security analysts need to be aware of now.

Container Security: Definition, Best Practices, and Examples
BrandPost ExtraHop

Container Security: Definition, Best Practices, and Examples

For many organizations, containers are increasingly the fuel used to power innovation and business growth.

Bridging Data Retention Gaps En Route to Zero Trust
BrandPost ExtraHop

Bridging Data Retention Gaps En Route to Zero Trust

Change isn't coming—it's rapidly underway for many government agencies and public sector organizations. Driving that change is the ever-present threat of ransomware and recent cybersecurity initiatives that have bubbled up in...

Wildcard Certificate Risks and the ALPACA TLS Attack
BrandPost ExtraHop

Wildcard Certificate Risks and the ALPACA TLS Attack

Earlier this month the National Security Agency (NSA) issued a technical advisory warning of an attack dubbed ALPACA. It highlights the cybersecurity risks of using wildcard TLS certificates. So how does this attack work and why does...

Secure Microsoft 365 with Reveal(x) 360 Network Detection and Response
BrandPost ExtraHop

Secure Microsoft 365 with Reveal(x) 360 Network Detection and Response

Reveal(x) 360 monitors Microsoft 365 activity for suspicious or risky behavior, and correlates Microsoft 365 detections with powerful machine learning-driven network threat detection.

Load More
Top Blog Posts