What’s new for TIBER-EU?

Title image Whats's new for TIBER-Eu

A brief look at the updated TIBER-EU framework with DORA TLPT coming into play. In our previous post, we have discussed the “transition” from TIBER to TLPT (Threat-Led Penetration Testing), highlighting some differences between the previous TIBER specification and the requirements as indicated by DORA. This is mostly just a change in terminology. We concluded … Continue reading What’s new for TIBER-EU?

Backups & DRP in the ransomware era

In today's digital landscape, the threat of ransomware has forced organizations to reevaluate their disaster recovery plans. Traditional approaches to data protection were focused primarily on high availability and are no longer sufficient. As cyber threats evolve, so must our strategies for safeguarding critical information. This blog post explores the principles and architectures needed to … Continue reading Backups & DRP in the ransomware era

Detecting Teams Chat Phishing Attacks (Black Basta)

A person in a suit is overwhelmed by a pile of envelopes while typing on a keyboard, with a computer screen displaying "Help Desk" nearby. Another individual in a hooded jacket is reaching towards the person, symbolizing a phishing threat. The background is filled with binary code.

For quite a while now, there has been a new ongoing threat campaign where the adversaries first bomb a user's mailbox with spam emails and then pose as Help Desk or IT Support on Microsoft Teams to trick their potential victims into providing access. This social engineering tactic is being attributed to the ransomware group "Black Basta".

Microsoft Purview – Evading Data Loss Prevention policies

Evading Data Loss Prevention Policies

Introduction Microsoft Purview is a comprehensive solution that helps organizations manage and protect their data across various environments, including on-premises, multi-cloud, and software-as-a-service (SaaS) platforms. It provides a unified data catalog, data classification, and data security capabilities, enabling organizations to gain insights into their data landscape, secure their data accordingly, and ensure compliance with regulatory … Continue reading Microsoft Purview – Evading Data Loss Prevention policies

Building Cyber Resilience Against Ransomware Attacks

Building cyber resilience against ransomware attacks

Or, "Yet another ransomware blog post?" "Yet another ransomware blog post?" I hear you asking. Well, yes! Besides, Ransomware attacks have been on the rise again costing affected organizations and industries more than ever. Let's dive into some numbers to set the stage: According to IBM and Ponemon institute, in 2024, the average cost of a … Continue reading Building Cyber Resilience Against Ransomware Attacks

The Importance of Establishing a Solid Third Party Risk Management Framework for Risk Mitigation

Third Party Risk blog post header

In the previous post, we introduced the concept of Third-Party Risk Management (TPRM) and its importance in today’s interconnected world. Now, let us have a look at the practical aspects of building a solid TPRM program and why it is important for your company. 1. Start with a Third-Party Inventory The first step in building … Continue reading The Importance of Establishing a Solid Third Party Risk Management Framework for Risk Mitigation