THE RISE OF AI POSES NEW SECURITY THREATS
AI content generation has dominated social media cycles recently. Ranging from a myriad of positive, helpful, and creative solutions of all sorts of tasks, to much more malicious purposes. Lodestone has noticed a consistent pattern of security researchers and malicious actors tout the many uses of AI engines such as ChatGPT to create malware, enhance […]
HOW TO IDENTIFY AND PROTECT YOURSELF FROM EMAIL SPOOFING
Email Spoofing is a technique involving sending emails with a fake sender address, stealing the identity of a real user that is typically trusted in the eyes of the victim. It is important to be sure that your emails are protected from spoofing multidirectional. Spoofed emails could lead to users downloading malware, loss of data, […]
NETWORK SEGMENTATION AND HOW IT CAN PREVENT RANSOMWARE
Network segmentation is a critical security measure for any network because it works on multiple levels to protect data and devices, as well as reduce and remove attack vectors. There are multiple levels to network segmentation, examples of which include: Malicious users are looking to accomplish multiple items within your network. From data exfiltration to […]
DDOS DEFENSE: DON’T LET HACKERS SPOIL THE SEASON
As the holiday season approaches yearly, so too does a wave of distributed denial-of-service (DDoS) attacks. Savvy threat actors know that the winter holidays mean that many organizations have fewer resources available to monitor their networks, creating opportunities for attack. This is especially true on e-commerce websites where traffic volume is at an all-time high, […]
HOOK, LINE, AND SINKER: PHISHING GROWS EVEN MORE DESTRUCTIVE AS THREAT ACTORS PIVOT TO EMAIL-CONNECTED APPLICATIONS
Lodestone has responded to hundreds of business email compromises (BECs) over the past several years, in which threat actors gained access to a company employee’s email account using tactics such as leaked credentials, phishing, and brute force. Once an email account has been compromised, threat actors often begin searching for ways to defraud a company’s […]
MORE RANSOMWARE REARS ITS UGLY HEAD
September proved to be another hectic month in an ongoing trend of increasing ransomware incidents. Lodestone saw a massive uptick in cases with what may be a record: nearly 50 victims posted in 24 hours. The LockBit 3.0 ransomware group has been the primary player, accounting for over 30% of all the ransomware events Lodestone […]
THE FUTURE OF SECURITY NOW: BEHAVIORAL DETECTION
There is nothing static about the world of cybersecurity. Threat actors have progressed by leaps and bounds since hackers and breaches first began to make popular headlines. The minimum security standards, too, have evolved to give companies a fighting chance against increasingly advanced tactics. Traditional anti-virus (AV) relies on a defined set of signatures to […]
ESXI ON MY MIND: DEFENDING ONE OF RANSOMWARE’S NEW FAVORITE TARGETS
Ransomware groups on the rise are expanding their targets and evolving their tactics to have more devastating impacts on victims than ever. A recent trend has involved using ransomware against VMware ESXi server hosts to affect as many systems in an environment as possible, even if they are virtual machines. Defend yourself and your critical […]
BACK IN BLACK: BLACKBASTA RANSOMWARE ON THE RISE
Don’t let this new ransomware group fade your business to black. BlackBasta, a ransomware group on the rise, has been increasingly active over the past month – that behavior is likely only to continue. Lodestone has observed a number of tactics and targets related to this group that may help your company better protect itself […]
ACCOUNT AUDITING
This month’s main topic may seem basic, but it is incredibly impactful. In the past few months, Lodestone has observed several instances of threat actors taking advantage of poor account hygiene to cause damage to businesses. Threat actors can use poor account security to their advantage in several ways. Accounts with default or weak passwords, […]