Critical Cosmos Database Flaw Affected Thousands of Microsoft Azure Customers

The Hacker News reported on a critical Cosmos database flaw that can potentially affect thousands of Azure customers.

Cloud infrastructure security company Wiz on Thursday revealed details of a now-fixed Azure Cosmos database vulnerability that could have been potentially exploited to grant any Azure user full admin access to other customers' database instances without any authorization.

The flaw, which grants read, write, and delete privileges, has been dubbed "ChaosDB," with Wiz researchers noting that "the vulnerability has a trivial exploit that doesn't require any previous access to the target environment, and impacts thousands of organizations, including numerous Fortune 500 companies."

Read further on The Hacker News


Trilight Security Has Been Featured 4th Among Top 40 IT Service Companies in Estonia

The Manifest is a renowned business news and how-to website and a sister website of Clutch, a famous B2B ratings and reviews platform. The Manifest launched in February 2018 and has since won a reputation for its data-driven benchmarks, how-to guides and agency shortlists.

In August 2021, The Manifest published its new shortlist, TOP 40 IT SERVICES COMPANIES IN ESTONIA, in which Trilight Security is featured in a high fourth place among top Estonian IT services companies and, basically, as the top company in terms of cybersecurity specialization.

The Trilight Security team is proud to receive yet another confirmation of its skills and efforts in the cybersecurity field.

Read the shortlist on The Manifest


This New Malware Hides Itself Among Windows Defender Exclusions to Evade Detection

The Hacker News published a report on malware that evades Windows Defender.

Cybersecurity researchers on Tuesday lifted the lid on a previously undocumented malware strain dubbed "MosaicLoader" that singles out individuals searching for cracked software as part of a global campaign.

"The attackers behind MosaicLoader created a piece of malware that can deliver any payload on the system, making it potentially profitable as a delivery service," Bitdefender researchers said in a report shared with The Hacker News. "The malware arrives on target systems by posing as cracked installers. It downloads a malware sprayer that obtains a list of URLs from the C2 server and downloads the payloads from the received links."

Read more on The Hacker News


CISA Publishes Catalog of Poor Security Practices

DARKReading published a list of poor security practices.

The Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) is creating a catalog of poor security practices that increase risk for organizations, especially those supporting designated critical infrastructure or what it calls National Critical Functions (NCFs).

Security professionals, including the team at CISA, often focus on promoting best practices they should take, wrote CISA Executive Assistant Director Eric Goldstein in a blog post on the news. It's equally important, he continued, that they focus on stopping poor security practices as well.

Read more on the DARKReading.


5 Critical Steps to Recover From a Ransomware Attack

The Hacker News published a short manual on the essential steps for recovery after a ransomware attack.

Hackers are increasingly using ransomware as an effective tool to disrupt businesses and fund malicious activities.

A recent analysis by cybersecurity company Group-IB revealed ransomware attacks doubled in 2020, while Cybersecurity Ventures predicts that a ransomware attack will occur every 11 seconds in 2021.

Read further on The Hacker News


DarkSide Ransomware Gang Extorted $90 Million from Several Victims in 9 Months

The Hacker News reported on the DarkSide ransomware campaign.

"In total, just over $90 million in bitcoin ransom payments were made to DarkSide, originating from 47 distinct wallets," blockchain analytics firm Elliptic said. "According to DarkTracer, 99 organizations have been infected with the DarkSide malware - suggesting that approximately 47% of victims paid a ransom, and that the average payment was $1.9 million."

Read further on the Hacker News


Global Phishing Attacks Spawn Three New Malware Strains

The Threat Post reported on a large-scale phishing attack.

Two waves of global financial phishing attacks that swamped at least 50 organizations in December have delivered three new malware families, according to a report from FireEye's Mandiant cybersecurity team.

On Tuesday, the team said that they've dubbed the hitherto-unseen malware strains: Doubledrag, Doubledrop, and Doubleback. What Mandiant called the trifecta spear-phishing campaign twice hit a wide swath of industries worldwide: first on Dec. 2, 2020, with a second wave launched between Dec. 11 and Dec. 18, 2020.

Read further on The Threat Post


3 Zero-Day Exploits Hit SonicWall Enterprise Email Security Appliances

The Hacker News reported that SonicWall has addressed three critical security vulnerabilities in its hosted and on-premises email security (ES) product that are being actively exploited in the wild.

Tracked as CVE-2021-20021 and CVE-2021-20022, the flaws were discovered and reported to the company by FireEye's Mandiant subsidiary on March 26, 2021, after the cybersecurity firm detected post-exploitation web shell activity on an internet-accessible system within a customer's environment that had SonicWall's Email Security (ES) application running on a Windows Server 2012 installation. A third flaw (CVE-2021-20023) identified by FireEye was disclosed to SonicWall on April 6, 2021.

Read more on The Hacker News


Trilight Security Featured among Top Cybersecurity Consulting Companies 2021 by Superbcompanies.com

Trilight Security is proud to announce that we were ranked in the list of top Cybersecurity Consulting Companies.

Superbcompanies.com is a portal that helps companies looking for IT, cybersecurity, software development and other service providers find a reliable partner. To achieve this goal, companies featured on Superbcompanies.com undergo a thorough assessment based on criteria such as industry presence, expertise level, quality and reliability of services, and more.

Superbcompanies.com has more than 10 years of experience analyzing businesses and their qualifications worldwide. By creating lists of top providers of IT-related services, this portal helps potential customers make justified buying decisions.

Trilight Security was featured among Cybersecurity Consulting Companies due to recognition by existing customers and demonstrated ability to provide high-quality cybersecurity services such as Managed Security and more:

  • Penetration Testing
  • Vulnerability Analysis
  • Security Monitoring
  • Threat Analysis & Management
  • Incident Response
  • SOC-as-a-Service
  • Cybersecurity Audit
  • Cybersecurity Outsourcing & Outstaffing

Trilight Security is a Managed Security Services Provider (MSSP) with a focus on customers from small and medium businesses. We also provide managed IT services and cloud services to keep all IT assets of our customers running smoothly and reliably protected.

Thank you to the Superbcompanies team.


When security and resiliency converge: A CSO's perspective on how security organizations can thrive

The Security Magazine published an article by John Scimone on perspectives for security organizations.

You've just been hired to lead the security program of a prominent multinational organization. You're provided a seasoned team and budget, but you can't help looking around and asking yourself: How will I possibly protect every asset of this company, every day, against every threat, globally? After all, this is the expectation of most organizations, their customers and shareholders, as well as regulators and lawmakers. In my experience, one of the top challenges security leaders face is trying to optimize a modest security budget to protect a highly complex and ever-expanding organizational attack surface. In fact, Accenture found that 69% of security professionals say staying ahead of attackers is a constant battle and the cost is unsustainable. For most, this challenge is extremely discouraging. However, success is not necessarily promised to those with resources. It's more about how resourceful you can be.

Read further on the Security Magazine