Blog

CISA Alert: Top 10 Routinely Exploited Vulnerabilities, 2016-2019

Recently, the Cybersecurity & Infrastructure Security Agency (CISA), the FBI, and US government published an alert on the Top 10 Routinely Exploited Vulnerabilities identified by the US government between 2016 and 2019. The alert aims to provide organizations with a list of vulnerabilities, most of which are Common Vulnerabilities and Exposures (CVEs), that are being exploited repeatedly by cyber criminals....
May 13, 2020
The 4 Key Components of a Strong Vulnerability Management Program

A strong Vulnerability Management (VM) program allows organizations to identify potential security gaps including access points that threat actors leverage to gain entry into corporate networks, and then prioritize them for remediation. However, due to their complexity, most organizations experience challenges in building a robust VM program. According to Herjavec Group’s JR Cunningham, a strong Vulnerability Management program relies on...
May 11, 2020
Strategy Magazine: Shoring Up Global Cybersecurity

Everyone wants the convenience and speed of technology, but not what comes along with it—potential security threats. Blockchain and regulations are important steps to increasing cybersecurity, says Robert Herjavec. Originally published in Strategy Magazine. By Kate Rockwood. Data security, especially accountability, capability, and compliance, is increasingly keeping the C-suite up at night—and it’s going to continue to do so as...
Threat Advisory: Phantom in the Command Shell Campaigns Target Financial Industry

Researchers at Prevailion have reported a new operation called Phantom in the Command Shell. The operations have been targeting financial firms across the globe using the Evilnum malware, which is being distributed to victims using a Google Drive share link. Clicking on the Google Drive share link downloads a malicious zip archive file to the host. When decompressed, the file...
May 8, 2020
WEBINAR: Is Zero Trust Possible in a Remote Work Scenario?

Organizations worldwide have moved to remote work scenarios in response to the COVID-19 pandemic. Moving to a remote workforce has presented CIOs and CISOs with key challenges surrounding the traditional perimeter security model. During this time, the health and safety of your enterprise workforce is paramount, but we know that security cannot take a back seat. In this webinar, we...
May 1, 2020
Threat Advisory Update: Emotet Botnet Shows Signs of Life & COVID-19 Phishing Campaigns Target Healthcare

The Emotet botnet has begun to show signs of life after months of inactivity. The E2 portion has started deploying credential and email stealing modules. It is believed that this could be a preparation step for a new spam campaign. During the downtime, the operators behind Emotet have redesigned it and some of the modules it uses. New features include...
April 22, 2020
Threat Advisory: NSA, ASD Release Guidance for Mitigating Web Shell Malware

The U.S. National Security Agency (NSA) and the Australian Signals Directorate (ASD) have jointly released a Cybersecurity Information Sheet (CSI) on mitigating web shell malware. Malicious cyber actors are increasingly deploying web shell malware on victim web servers to execute arbitrary system commands. By deploying web shell malware, cyber attackers can gain persistent access to compromised networks. The CSI provides...
Threat Advisory: Re-Emergence of the Maze Ransomware

Herjavec Group continues to track COVID-19 related cyberattacks. We have a complete threat advisory tracking various threats, malware types, as well as a summary of IOCs and domains specific to COVID-19. The full advisory can be found here. The Maze ransomware was initially discovered in May 2019, and since then the attack frequency has increased and the group behind it...
April 20, 2020
Security Best Practices for Your Organization’s Video Conferencing Platform

As COVID-19 shifts organizations globally to remote work, there has been an inevitable increase in the use of video conferencing and team collaboration tools such as Zoom, Skype, Microsoft Teams, and WebEx. Threat actors are exploiting publicly known vulnerabilities in these remote work collaboration & communication tools to spread malware and gain access to restricted, private meetings. The Federal Bureau...
April 17, 2020
Cybersecurity CEO: Insider Threat Rises Sharply Amidst New COVID-19 Workplace

Employees working from home intensifies cyber risk – Robert Herjavec. Los Angeles, Calif. – April 15, 2020. Your CFO is working from home now. That’s just one of how many remote privileged users with keys to your kingdom outside of the corporate office. If that doesn’t raise a red flag in your head, then it should… We all know that...
April 16, 2020