Showing posts from February, 2023

Week 7: Cybersecurity Burnout – Human vs Machine

As cyber threats continue to grow in number, targeting databases and companies' digital assets, security experts constantly develop security measures to counter those threats. As a result, analysts in today's SOCs are under high pressure to perform well: they are expected to protect companies' data, regardless of its location, while navigating the complexity of the modern hybrid organization. In a Twitter poll, 63% of the participants rated data security as being of high importance. The survey also stated that 6 in 10 organizations receive more than 500 cloud security alerts per day. The mental fatigue caused by those constant threats leads companies to miss critical alerts weekly or even daily; 55% of companies admit to it. Therefore, security experts' fear of missing incidents (FOMI) increases, because data breaches affect the company's credibility and result in monetary damages and fines. 35% of cyber professionals also reveal they ...

Week 6: Pepsi Bottling Ventures suffers data breach after malware attack

Pepsi Bottling Ventures LLC is one of the largest beverage companies in the US and has 18 bottling operations. The company became the victim of a network intrusion, leading to a data breach. Information-stealing malware was installed and was able to extract data from the IT systems. Unfortunately, the breach was only discovered on January 10th 2023, when a trace of access from an unknown party who had downloaded information from the system was found. The breach was discovered 18 days after the malware infiltration, and the malware remediation took a long time. The data was exposed for a period of 27 days. Numerous pieces of sensitive information were stolen, such as full names, home addresses, financial account information, SSNs, and so on. To counter this breach, the company decided to reset all company passwords, notified law enforcement, and reinforced network security. In addition, the company's compromised systems were suspended in order to asses...

Week 5: FormBook Malware Spreads via Malvertising Using MalVirt Loader to Evade Detection

A wave of ad fraud is spreading virtualized .NET loaders that install the FormBook information-stealing malware on the device. Fraudulent ads use malicious engines to lure users into downloading well-known applications, but instead of the desired application, they get trojanized malware on their device. In addition, the loader disguises itself as a legitimate Microsoft Process Explorer driver and tries to obtain elevated permissions. By gaining those privileges, it can terminate applications that could detect its presence in the system. For instance, the MalVirt loaders use obfuscated virtualization for anti-analysis and evasion, together with the Windows Process Explorer driver, to terminate processes. This one uses the KoiVM virtualizing protector for .NET applications in order to disguise itself and spread the FormBook malware. Since Microsoft revealed they want to prohibit the execution of macros in Office by default for files obtained from the intern...