Home Blog Page 259

New Research: Crypto-mining Drives Almost 90% of All Remote Code Execution Attacks

It’s early in 2018 and we have already witnessed one of the top contenders in this year’s web application attacks. Continuing the trend from the last months of 2017, crypto-mining malware is quickly becoming attackers’ favorite modus operandi.  In December 2017, 88 percent of all remote code execution (RCE) attacks sent a request to an external source to try...

A Slice of 2017 Sofacy Activity

Sofacy, also known as APT28, Fancy Bear, and Tsar Team, is a highly active and prolific APT. From their high volume 0day deployment to their innovative and broad malware set, Sofacy is one of the top groups that we monitor, report, and protect against. 2017 was not any different in this regard. Our private reports subscription customers receive a...

Break the Trust and Stop the Breach: The Zero Trust Security Model

As 2018 is upon us, it’s time to take stock of our new realities and commit to better behavior that benefits us and our companies. The discussion of the perimeterless enterprise is not new. In fact, the term “de-perimeterisation” was coined by Jon Measham, a former employee of the UK’s Royal Mail in a research paper, and subsequently used by the Jericho Forum back in...

Spam and phishing in 2017

Figures of the year The share of spam in mail traffic came to 56.63%, down 1.68% against 2016. The biggest source of spam remains the US (13.21%). 40% of spam emails were less than 2 KB in size. The most common malware family found in mail traffic was Trojan-Downloader.JS.Sload The Anti-Phishing system was triggered 246,231,645 times. 9% of unique users encountered phishing Global events in spam Spam...

Integrate Your Ticketing System into Database Security to Prevent DBA Privilege Abuse

Many of the recent high-profile data security breaches were made by trusted insiders. They are often database administrators (DBAs) who are highly privileged and trusted insiders with access to sensitive data. In this blog post, I will discuss the inherent risk introduced by highly privileged administrators who are required to support production databases, the challenge of ensuring they are not...

Five Best Practices for Zero Trust Security

The Centrify Zero Trust Security model is effective because it allows organizations to remove trust from the equation entirely. Based on the assumption that untrusted actors already exist inside and outside the network, Zero Trust leverages powerful identity services to secure every user’s access to apps and infrastructure. Only after identity is authenticated and the integrity of the device...

A Deep Dive into Database Attacks [Part I]: SQL Obfuscation

Today, data breaches are a threat to every organization. According to a report from Risk Based Security covering the first half of 2017, over 6 billion records were exposed through 2,227 publicly-disclosed data breaches. The number of exposed records is already higher than the previous all-time high at the end of 2016. An organization’s database servers are often the primary targets of...

RSA 2018

RSA 2018 Digital Guardian will be exhibiting at RSA 2018. Discover all the things happening at our booth and beyond! - Read more

One GRC Manager’s Practical Approach to GDPR Readiness

With about four months to go before the GDPR becomes effective many companies are still struggling with where to start.  You’re not alone.  According to this survey, the majority of companies are slow off the mark. On top of that, companies require resources and budget to prepare for and comply with the GDPR. I fully understand the challenge. It starts...

A vulnerable driver: lesson almost learned

Recently, we started receiving suspicious events from our internal sandbox Exploit Checker plugin. Our heuristics for supervisor mode code execution in the user address space were constantly being triggered, and an executable file was being flagged for further analysis. At first, it looked like we’d found a zero-day local privilege escalation vulnerability for Windows, but the sample that was...

Latest article

Apple’s ‘Hide My Email’ Privacy Flaw Exposes Real Email Addresses

Researchers say Apple’s Hide My Email flaw may expose real addresses, despite two fixes. Here’s what users should know about the privacy risk. The post...

Missed incidents, persistent threats, and response gaps: Insights from compromise assessment projects

The following analysis presents the key findings from Kaspersky Compromise Assessment engagements performed in 2025. A compromise assessment is an independent, expert-driven service that...

Test Cache

Testing cache response - Read more

Secure Amazon container workloads using container attribute-based rules in AWS Network Firewall

Today, you can use AWS Network Firewall to protect traffic flowing to and from containerized applications on Amazon Elastic Kubernetes Service (Amazon EKS) and...