RansomHub Affiliate leverages Python-based backdoor
January 15, 2025 In an incident response in Q4 of 2024, GuidePoint Security identified evidence of a threat actor utilizing a Python-based backdoor to maintain access to compromised endpoints.
Archive
Considerations for a Balanced Critical Infrastructure Security Strategy
January 7, 2025 With the Presidential administration changeover happening soon, there has been much discussion of potential regulatory rollback, restructuring, or elimination of agencies like the Cybe…
Understanding and Taking Advantage of the NYDFS Risk Assessment Requirement
December 11, 2024 As organizations prepare for the coming year those affected by NYDFS may struggle to efficiently include the requirements in their plans.
RACE Conditions in Modern Web Applications
December 5, 2024 The concept of a RACE condition and its potential for application vulnerabilities is nothing new.
Developing and Implementing a Privacy Program
November 26, 2024 Privacy Privacy has evolved beyond compliance; its relevance in creating brand loyalty and customer trust has proven to build a competitive advantage for organizations with a compreh…
Building and Enhancing OT/ICS Security Programs Through Governance, Risk, and Compliance (GRC)
November 21, 2024 Operational Technology (OT) and Industrial Control Systems (ICS) are critical components of many industries, especially those within the 16 critical infrastructure sectors.
To Pay or Not to Pay: The Ransomware Dilemma
November 14, 2024 Disclaimer: In the majority of cases, the determination of whether or not to pay a ransom is a business decision, and this blog is intended solely to help decision-makers navigate th…
Cybersecurity Awareness Month: AI vs. AI: Redefining Zero Trust
October 31, 2024 Author: Brian Deitch, Chief Technology Evangelist, Zscaler The rise of artificial intelligence isn’t just about automating some mundane processes or throwing chatbots on websites.
Cybersecurity Awareness Month: Tackling the Unsustainable Skills Challenge in Cybersecurity and Observability
October 24, 2024 Author: Nick Heudecker, Senior Director, Market Strategy, Cribl In the rapidly evolving fields of cybersecurity and observability, a significant disconnect threatens to undermine secu…
Cybersecurity Awareness Month: How CISOs can engage, educate, and empower
October 15, 2024 Author: Mike Britton, Chief Information Security Officer, Abnormal Security October is upon us, and as we embrace the start of this spooky season, it’s also time to spotlight someth…
Cybersecurity Awareness Month: The noble work of repeated reminders
October 10, 2024 Author: Aaron Walton, Threat Intelligence Analyst, Expel Another October. Another Cybersecurity Awareness Month.
Update from the Trenches
Ivanti CSA Investigation/Detection Details October 9, 2024 Authors: Rui Ataide, Andrew Nelson, and Hermes Bojaxhi GuidePoint Security has recently been engaged on several incidents related to f…