Stay secure with SafeBreach Coverage for Phobos Ransomware and Ivanti. | CybSec Wizard

Cyber Security Wizard

Wizardry for Cyber

Cyber Security Wizard

TLDR: SafeBreach Coverage for AA24-060A (Phobos Ransomware) and AA24-060B (Ivanti Connect Secure)

Key Points:

CISA issued advisories regarding Phobos Ransomware and Ivanti Connect Secure vulnerabilities
SafeBreach provides coverage against both threats to help organizations validate their security controls

In response to CISA advisories, SafeBreach has expanded its coverage to include Phobos Ransomware and Ivanti Connect Secure vulnerabilities. The advisory concerning Phobos Ransomware highlights the tactics, techniques, and procedures (TTPs) used by threat actors who target state, local, tribal, and territorial (SLTT) governments. Phobos is connected to various ransomware variants and is known to use open-source tools like Smokeloader and Cobalt Strike. On the other hand, the Ivanti advisory discusses vulnerabilities exploited by threat actors to bypass authentication and execute arbitrary commands on Ivanti Connect Secure and Policy Secure gateways. SafeBreach customers can assess their security controls against these threats using the provided attacks. It is crucial for organizations to continually validate their security programs in response to evolving cyber threats.

Post Views: 103

Adrian Johnson

Latest from Blog

Snowflake debuts MFA with 14-character passwords for added security

TLDR: Snowflake has rolled out MFA by default on its platform alongside 14-character passwords. This move comes after a series of high-profile third-party hacks on Snowflake customers. According to a recent article

CISA’s Election Infrastructure Cybersecurity Checklist: Essential Preventive Measures Covered

Article Summary TLDR: The CISA cybersecurity checklist provides standard preventive measures for election infrastructure. It covers basics such as MFA, segmenting, backups, and email protections. CISA has released a new cybersecurity checklist

Apple iOS 18 drops with patches for 32 security problems

TLDR: Apple has released iOS 18, addressing 32 security vulnerabilities. Vulnerabilities in Siri, Safari Private Browsing, and other components were fixed. Apple has released iOS 18, addressing a total of 32 security

Iranian ambassador injured in cyber attack on Hezbollah fighters: Reuters

TLDR: Thousands of Hezbollah fighters and medics were injured by exploding pagers in Lebanon. Lebanon blamed Israel for the explosions, which caused chaos and panic across the country. Thousands of members of

2024 Onyxia Cyber SC Award Winners – Recognize Excellence

TLDR: Onyxia Cyber has won the Best Emerging Technology award at the 2024 SC Awards for its innovative Cybersecurity Management Platform, powered by AI and machine learning. The platform offers real-time assessments,

2024 SC Award Winners: SlashNext, Best Secure Messaging Solution

TLDR: SlashNext won the Best Secure Messaging Solution award at the 2024 SC Awards. Their platform uses Next Gen AI to provide real-time protection against various forms of cyber fraud. In the

Shining light on cyber defense with identity illumination

Article Summary TLDR: Identity is the new perimeter in cybersecurity Organizations need to focus on identity visibility for stronger cyber defense Identity is the new perimeter in cybersecurity, as organizations shift towards

NVD battles against CVE backlog as attackers evolve their tactics

TL;DR: As the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) faces a backlog in processing vulnerabilities, attackers are changing tactics to exploit lesser-known vulnerabilities. The backlog is partially

Google Chrome levels up with ML-KEM for ultimate cybersecurity

TLDR: Google Chrome is switching from KYBER to ML-KEM for post-quantum cryptography defense. The changes are set to take effect in Chrome version 131 in early November 2024. Google has announced the

Level up your cybersecurity with the Updated NIST Framework

TLDR: The NIST Cybersecurity Framework has been updated to reflect the evolving role of technology infrastructure on organizational objectives. The new version, CSF2, includes a function focused on governance and a dedicated