Conscia Blog | Benefit from our Network of Knowledge

Blog

The Stealthy Cyber Threat: Abuse of GitHub for Malicious Purposes

9. January 2024

GitHub, a key coding platform, faces rising cyber threats. This blog post explores its exploitation and outlines effective cybersecurity strategies for mitigation.

Blog

Understanding the Risks of Unprompted One-Time Passcodes in Cybersecurity

19. December 2023

In cybersecurity, an unexpected one-time passcode (OTP) signals a security threat - possible credential theft. Learn more about...

Blog

Deep Dive into the May 2023 Cyber Attack on Danish Energy Infrastructure

15. November 2023

Danish energy infrastructure endured a sophisticated cyber attack, signifying a major escalation. This post analyzes the unprecedented assault,...

Blog

What can we learn from recent Okta breaches?

8. November 2023

Okta, a major identity and access management player, faced two major security breaches. Examining these incidents provides crucial...

Blog

New Critical Vulnerability in Cisco IOS XE Software Poses Cybersecurity Concerns

17. October 2023

Edit note, October 24: Added a section regarding updates to include additional Indicators of Compromise (IOCs) and methods...

Blog

Enumeration Attacks: A Deep Dive into Threat Actors Generating Valid Payment Data

11. October 2023

Enumeration attacks, especially banking identification number (BIN) generation attacks, enable threat actors to produce and validate payment card...

Blog

Adversary-In-The-Middle Attack: A novel way to evade MFA

3. October 2023

In the vast realm of cyber threats, a relatively newer but impactful method has emerged: Adversary In the...

Blog

How Cybercriminals Exploit Legitimate Internet Services for Malicious Purposes

27. September 2023

Cybercriminals increasingly manipulate reputable platforms such as Google Drive, OneDrive, Notion, and GitHub to camouflage their malicious activities...

Blog

Defending Against Infostealer Malware Attacks: A Comprehensive Guide for Organizations

19. September 2023

In today’s digital age, information is power. As organizations increasingly rely on digital data, the allure for cybercriminals...

Blog

Cloud Storage Risk Assessment: Our privacy rests… at risk?

13. September 2023

Cloud storage and hosting have become a common way of storing your and your organization’s sensitive data in...

Blog

Understanding Vulnerability Lifecycle to Better Combat Exploits

6. September 2023

If you care about cybersecurity, you surely have heard the term ‘software vulnerability.’ But it can quickly happen...

Blog

CL0P Group – Analysis of European’s rising ransomware threat

6. September 2023

If you were following trends in the cyber threat landscape for the past few months, or actually the...

Blog

Danish cloud-hosting provider hit by devastating ransomware attack.

30. August 2023

Danish cloud-hosting company were hit by ransomware attacks, resulting in significant customer data loss and system shutdowns.

Blog

A look into Living off the Land adversarial technique

30. August 2023

Recently, you may have noticed several cybersecurity news sites citing Microsoft’s article on Flax Typhoon’s (threat actors) stealthiness while performing...

Blog

Can Prisma Cloud provide API security for your cloud?

15. March 2023

Spoiler alert: it probably can (your mileage may vary), but your cloud architecture determines whether it is the...

Blog

How could AI simplify malware attacks, and why is this worrying?

24. February 2023

AI can significantly reduce Malware development and distribution costs, giving cybercriminals an advantage over insufficiently secured targets. Read...

Blog

Diligent Management and Cybersecurity

20. February 2023

In business, cyber-attacks have become a part of reality and are no longer something that happens “out there”....

Blog

Three lessons for better cybersecurity in 2023

2. January 2023

From the point of view of Conscia’s Security Operations Center (SOC), the year 2022 confirmed the fact that...

Blog

Digital Forensics: Discovering Threat Actor’s traces using Recycle Bin

6. December 2022

Criminals don’t like to leave traces. In the cyber world, that means deleting their malicious software from your...

Blog

Season’s Greetings from Cybercriminals

25. November 2022

Cybercrime is on the rise during the holiday season. Cybercriminals take advantage of Black Friday, Cyber Monday, and...

Blog

Phishing as a Service (PHaaS) – an effective attack vector for all threat actors

17. November 2022

Phishing has professionalized. It is literally available to criminals in a »as a service« model, and the most...

Blog

New 0-day vulnerabilities in Microsoft Exchange Server actively exploited

30. September 2022

Two reported 0-day vulnerabilities affecting Microsoft Exchange Server 2013, 2016, and 2019 (on-prem) tracked as CVE-2022-41040 and CVE-2022-41082...

Blog

Insider Threats: What are they and how to mitigate them

20. September 2022

While often neglected, an organization’s own personnel pose one of the biggest threats to its security. Human error...

Blog

Diving Deep: How to detect Malware Persistency pt. 1

3. August 2022

During a cyber-attack adversaries might gain access to an environment through a certain system, but that might not...

Blog

Diving Deep: How to detect Typosquatting

21. June 2022

Typosquatting is a type of social engineering attack where a threat actor registers domains with deliberately misspelled names...

Blog

Vulnerability Spotlight: How to detect Follina the Windows MSDT 0-day

1. June 2022

Microsoft confirmed a security vulnerability tracked as CVE-2022-30190 and released it on their MSRC portal on May 30th,...

Blog

Diving Deep: Malware Injection Techniques – Part 1

31. May 2022

Malware Injection Techniques This is the first entry in the Malware Injection Techniques article series that we will...

Blog

Ransomware-as-a-Service: An infamously lucrative business model

18. May 2022

Ransomware as a type of malware is not a 21st century invention. We can trace it back to...

Blog

Conti Ransomware Gang falls apart

1. May 2022

Conti ransomware gang was infamously known as one of the most sophisticated adopters of ransomware-as-a-service (RaaS) model, earning...

Blog

Increased threat against industries leveraging ICS and SCADA devices

14. April 2022

US agencies (CISA, NSA, FBI) and Department of Energy issued a new Cybersecurity Advisory (CSA) warning on 13.04.2022...

Blog

What you need to know about the increased Digital Risks following the cyber-attacks on Ukraine

16. March 2022

Amidst the ongoing warfare, we were able to track the development of new dedicated and tailored malware (HermeticWiper...

Blog

Critical Vulnerability in Apache Log4j

13. December 2021

A critical vulnerability has been discovered in Apache Log4j (CVE-2021-22448), which has a maximum CVSS score of 10....

Blog

Is your Active Directory secure?

1. September 2021

How do you discover and assess misconfigurations and newly discovered vulnerabilities in your most critical asset – Active...

Blog

CIS Controls version 8

15. June 2021

Center for Internet Security (CIS) has recently updated the CIS controls (May 2021) and we no longer have...

Blog

Where and how to begin the cyber security journey?

18. May 2021

Where to start? Many European organizations struggle to start the cyber security journey. Most of the organizations know...

Blog

Major security mistake costs businesses millions

17. May 2021

Cybersecurity is on the board agenda for all companies or should at least be there. Everyone understands the...

Blog

Cutting corners in cyber security will backfire

12. May 2021

Managers at manufacturing companies experience how IT, digitalization, call it what you want, washes over them at an...

Get the latest insights in our blog, written by our own experts.

The Stealthy Cyber Threat: Abuse of GitHub for Malicious Purposes

Understanding the Risks of Unprompted One-Time Passcodes in Cybersecurity

Deep Dive into the May 2023 Cyber Attack on Danish Energy Infrastructure

What can we learn from recent Okta breaches?

New Critical Vulnerability in Cisco IOS XE Software Poses Cybersecurity Concerns

Enumeration Attacks: A Deep Dive into Threat Actors Generating Valid Payment Data

Adversary-In-The-Middle Attack: A novel way to evade MFA

How Cybercriminals Exploit Legitimate Internet Services for Malicious Purposes

Defending Against Infostealer Malware Attacks: A Comprehensive Guide for Organizations

Cloud Storage Risk Assessment: Our privacy rests… at risk?

Understanding Vulnerability Lifecycle to Better Combat Exploits

CL0P Group – Analysis of European’s rising ransomware threat

Danish cloud-hosting provider hit by devastating ransomware attack.

A look into Living off the Land adversarial technique

Can Prisma Cloud provide API security for your cloud?

How could AI simplify malware attacks, and why is this worrying?

Diligent Management and Cybersecurity

Three lessons for better cybersecurity in 2023

Digital Forensics: Discovering Threat Actor’s traces using Recycle Bin

Season’s Greetings from Cybercriminals

Phishing as a Service (PHaaS) – an effective attack vector for all threat actors

New 0-day vulnerabilities in Microsoft Exchange Server actively exploited

Insider Threats: What are they and how to mitigate them

Diving Deep: How to detect Malware Persistency pt. 1

Diving Deep: How to detect Typosquatting

Vulnerability Spotlight: How to detect Follina the Windows MSDT 0-day

Diving Deep: Malware Injection Techniques – Part 1

Ransomware-as-a-Service: An infamously lucrative business model

Conti Ransomware Gang falls apart

Increased threat against industries leveraging ICS and SCADA devices

What you need to know about the increased Digital Risks following the cyber-attacks on Ukraine

Critical Vulnerability in Apache Log4j

Is your Active Directory secure?

CIS Controls version 8

Where and how to begin the cyber security journey?

Major security mistake costs businesses millions

Cutting corners in cyber security will backfire

Do you have any questions?

Related content

Webinar: Unleash the Power of AI and Automation with Cisco Hypershield

Prisma Access Browser

Important Update for All Using Certificates for Single Sign-On

Hackers Turn Advisors: The $500K Irony of Akira Ransomware Gang’s Services

Microsoft LDAP vulnerabilities: Why cybersecurity teams need to act now

Offensive Security and Cyber Threat Intelligence: The Dynamic Duo Against Adversaries

Caritas Trägergesellschaft Saarbrücken – Top-Level Security with Conscia

Cisco Cyber Vision in Action: How to Secure Your OT Network

Contact