AGS Cyber

Enterprise Security shortcomings (as much in terms of inherent vulnerability flaws, as it is the case in multi-vendor integration scenarios), are fast becoming a problem foisted onto end-customers. We’re seeing more and more evidence that the end consumer is beginning to feel the cost of loose security measures at the enterprise level, globally. Don’t get caught out. Be proactive, or you’ll be on the losing side! #cybersecurity #cyberjobs #cybertalent #proactivesecurity https://lnkd.in/ecaD6SK8

The cost of reactive vs proactive security policies will keep rising, no matter what. Been saying this for years! Don’t get caughtout like many of the UK’s public infrastructure & services institutions. Whether you’re an organization sitting on the private commercial sector, or the public side - you’re going to want to get ahead of the cyber threats inevitably coming your way. #CyberJobs #CyberCareers #CybersecurityTalent #IfYouAintFirstYoureLast #YouGottaGive #ALotOfPeopleGive https://lnkd.in/g7S8Rzvh

Over the past 2 years, we’ve seen a notable uptick in threat actors specifically targeting SLED institutions and related organizations. Data breaches, ransomware, social engineering campaigns, and system takedowns becoming a regular occurrence in this space too after a decade of growth in breaches in the private and commercial sectors. Just earlier this week, it was reported that a school district in northeastern Tennessee lost more than $3 million earlier this year after an employee was tricked into sending funds intended for online curriculum materials to a fraudster. Appropriate measures (cyber awareness training, protocols, and proactive security policies) must be implemented, as these threats are only multiplying! https://lnkd.in/eSctteqQ #CyberNews #CyberJobs #CyberCareers #Hiring 

👾Microsoft Patches Actively Exploited Windows Vulnerability 👾 Microsoft has recently addressed a critical vulnerability in Windows that was being actively exploited by attackers. The vulnerability, tracked as CVE-2024-38193, allows attackers to gain SYSTEM privileges on the latest Windows operating systems. A few things to note about this particular security issue: 1)The vulnerability affects the most recent versions of Windows. 2) It has been marked as "actively exploited" by Microsoft, indicating that attackers were already taking advantage of it in the wild. 3) Successful exploitation could grant an attacker the highest level of system privileges (SYSTEM). This security flaw was part of Microsoft's latest round of patches, which addressed nearly 90 vulnerabilities across Windows and various OS components. The fact that it was being actively exploited makes it particularly noteworthy, as it represents an immediate threat to Windows users. Microsoft's prompt action in releasing a patch highlights the importance of keeping operating systems and software up to date. Users and system administrators are strongly advised to apply the latest security updates to protect against this and other potential threats. This incident serves as a reminder of the ongoing cat-and-mouse game between software developers and cybercriminals, emphasizing the critical role of timely security patching in maintaining a robust cybersecurity posture. #CyberJobs #CyberBreach #ZeroTrust #CVE202438193 #AdvancedPersistentThreat #APT

👾 Computer engineer hacks own employer, demands $750K ransom 👾 Daniel Rhyne, a core infrastructure engineer at a U.S. industrial firm, turned against his employer in a bold cyber extortion attempt, demanding $750,000 in Bitcoin. Leveraging his expertise, Rhyne secretly created a virtual machine (VM) within the company’s network, granting himself unauthorised access to critical systems. On November 25th, 2023, the firm’s employees were startled by unexpected password reset notifications from the domain administrator account—a high-level access point capable of controlling company-wide systems. Shortly after, Rhyne sent a ransom email claiming he had locked out all IT administrators, deleted backups, and threatened to turn off 40 servers unless the organisation paid the ransom. Law enforcement quickly traced the attack back to Rhyne. Investigators discovered the hidden VM linked directly to his company computer, with web searches on his device matching commands used to compromise the network. Contact me to find out how AGS Cyber can help you find the right talent to protect your business. 👩💻 michele.leandro@agscyber.com https://lnkd.in/eKgbvdcx #hacked #cybercareers #cybersecurity #cybercrime

A cybercrime group with links to the RansomHub ransomware has been observed using a new tool called "EDRKillShifter" to disable Endpoint Detection and Response (EDR) software during attacks. The tool operates by delivering a legitimate yet vulnerable driver, exploiting it to gain elevated privileges and disarm EDR defenses. This technique, known as "Bring Your Own Vulnerable Driver" (BYOVD), has become a notable trend among ransomware groups. To mitigate such threats, it is advised to maintain updated systems, enable tamper protection, and enforce strict privilege separation. For more details, you can read the full article here; https://lnkd.in/dxsnNpwk To mitigate the threat, it's recommended to keep systems up-to-date, enable tamper protection in EDR software, and practice strong hygiene for Windows security roles. Need help building your cybersecurity team? Reach out to AGS Cyber today! tom.bedder@agscyber.com #cyberjobs #cybercareers #cyberawareness