Securin Inc.

🔥 Cl0p accounted for 18% of ransomware attacks last year, and the group’s pattern of exploiting file transfer vulnerabilities is underlined in the Western Alliance breach, impacting 22,000 customers. Western Alliance has not publicly disclosed the file transfer application exploited in its breach, but we can learn a lot from other, similar attacks. 🚨 Cl0p’s MOVEit campaign was a masterclass in supply chain exploitation, targeting tech, manufacturing, and energy—with significant impact: 🔹 Sophisticated zero-day vulnerability exploitation 🔹 Strategic mass-exploitation methodology 🔹 Multi-industry targeting approach 🔹 Efficient data exfiltration at scale 🔹 Targets critical file transfer infrastructure (Cleo and MOVEit) 🛑 Software supply chain vulnerabilities enable cybercriminals to scale with relatively low effort: one exploit of a widely used software vulnerability allows them to ‘mug’ multiple targets and gain a foothold in organizations further up the chain. 💡 For example: The massive MOVEit breach enabled 3rd, 4th, and even 5th party compromises. 🛡️ Recommendations for defense: Securin’s Kiran Chinnagangannagari says it’s a harsh reality that organizations must confront this trend and evaluate their partners’ cybersecurity practices. Other best practices include: 📌 Ask partners to complete a standardized security questionnaire based on frameworks like NIST CSF or ISO 27001—covering: 👉 Network segmentation & access controls. 👉 Patch & vulnerability management. 📌 Round out the questionnaire with insights from External Attack Surface Management (EASM) tools to: Reveal exposed assets 👉 Identify potential vulnerabilities. 👉 Assess overall risk posture. #ProactiveSecurity #Cybersecurity

🚨 Salt Typhoon: Turning defense tools into attack vectors 🚨 Salt Typhoon spent 2024 aggressively exploiting high-severity vulnerabilities in enterprise security products and VPN solutions, turning defensive tools into attack vectors. 🔻 Key CVEs exploited: ⚠️ CVE-2023-48788 (9.7) – Fortinet FortiClient EMS ⚠️ CVE-2024-21887 (9.42) – Ivanti Connect Secure, Policy Secure ⚠️ CVE-2023-46805 (9.94) – Ivanti Connect Secure, Policy Secure These flaws enable remote code execution and authentication bypass, potentially leading to complete network takeover. The threat to critical infrastructure is real: Denmark recently issued the first European government warning about state-backed cyber espionage targeting telecoms providers. 🔻Defense recommendations: 👉 Patch ASAP – Prioritize security updates for critical systems 👉Monitor and hunt – Strengthen network visibility and threat detection 👉Lock down access – Enforce MFA and harden remote access 👉Be prepared – Build APT-specific response plans When attackers target security infrastructure itself, defense-in-depth is crucial. Learn more about Salt Typhoon’s tactics and techniques, check our latest blog post (link in comments)👇 #ProactiveSecurity #SaltTyphoon #Cybersecurity #CriticalInfrastructure

⚡ The systems keeping our lights on, water running and hospitals operating are increasingly vulnerable to cyberattacks. This isn't hypothetical - it's happening now. 🎙️ Securin’s Kiran Chinnagangannagari joined TFiR’s Secure by Design podcast to discuss the findings of our Critical Infrastructure Report, including: 💣 Over 3,000 vulnerabilities discovered in manufacturing systems. 💣 30% increase in energy sector cyber risks. 💣 800 vulnerabilities affecting water and waste management. Have a listen and find out who’s behind the attacks, which sectors are most at risk, and why attackers are increasingly targeting smaller organizations with fewer security resources. Then download your copy of the report to get the full analysis of what we learned from over 1700 attacks – and what you can do about it. Link in the comments 👇 #ProactiveSecurity #CriticalInfrastructure #Cybersecurity https://lnkd.in/ejCFh-82

⚡ The systems keeping our lights on, water running and hospitals operating are increasingly vulnerable to cyberattacks. This isn't hypothetical - it's happening now. 🎙️ Securin’s Kiran Chinnagangannagari joined TFiR’s Secure by Design podcast to discuss the findings of our Critical Infrastructure Report, including: 💣 Over 3,000 vulnerabilities discovered in manufacturing systems. 💣 30% increase in energy sector cyber risks. 💣 800 vulnerabilities affecting water and waste management. Have a listen and find out who’s behind the attacks, which sectors are most at risk, and why attackers are increasingly targeting smaller organizations with fewer security resources. Then download your copy of the report to get the full analysis of what we learned from over 1700 attacks – and what you can do about it. Link in the comments 👇 #ProactiveSecurity #CriticalInfrastructure #Cybersecurity https://lnkd.in/ejCFh-82

🚨 Salt Typhoon: mitigating the risks 🚨 Salt Typhoon continues its aggressive targeting of critical infrastructure via high-severity vulnerabilities in enterprise security products and VPN solutions. Securin’s researchers analyzed more than 40 attacks associated with the group in the past year. What they found: a strategic shift towards long-term cyberespionage, with APT-like behaviors. This is underlined by the evolution of the group’s toolkit  from Mimikatz to custom malware such as GHOSTSPIDER). Check out our latest blog for the full details (link in comments), but for now: 👉 Defense recommendations: 🛡️ Implement robust patch management processes, prioritizing vulnerabilities in security infrastructure. 🛡️ Enhance network monitoring capabilities to detect anomalous behavior and potential lateral movement. 🛡️ Conduct regular threat hunting exercises, focusing on indicators associated with Salt Typhoon's tactics and techniques. 🛡️ Strengthen authentication mechanisms, particularly for remote access and privileged accounts. 🛡️ Develop and test incident response plans specifically tailored to APT intrusions. 👉 Bottom line: The targeting of security products underlines the importance of timely patching and vendor management. It’s a good time to implement defense-in-depth strategies. #ProactiveSecurity #SaltTyphoon #Cybersecurity

🚨 THREAT OVERVIEW: APT29 (aka "Cozy Bear") targeted 40+ organizations in 2024 🚨 Top sectors targeted last year included: 🚧 Government/Public Sector (15) 🚧 IT and Telecoms (13) 🚧 Defense (7) 🚧 Transportation/Logistics (6) 🚧 Energy (5) This Russia-linked group is systematically targeting tech providers with large customer bases - a clear pivot toward #SupplyChain attacks. Notable victims include Microsoft, HPE, TeamViewer, and German Air Traffic Control. 👉 Defense recommendations: 🛡️ Robust patch management and vendor oversight. 🛡️ Strong multifactor authentication (MFA) for remote and privileged access. 🛡️ Enhance network monitoring and threat hunting. 🛡️ Strengthen authentication for remote and privileged access. #ProactiveSecurity #Cybersecurity #APT29

Threat overview: Salt Typhoon – A perfect storm for critical infrastructure. Salt Typhoon’s evolving toolkit (from Mimikatz to custom malware such as GHOSTSPIDER) highlights a strategic shift towards long-term cyberespionage. The China-linked group ramped up its operations in 2024, targeting critical infrastructure globally – and breaching major US telecom providers, including AT&T, T‑Mobile and Verizon. Secure government communications and wiretap systems have also been compromised. 👉 Key takeaway: Organizations in telecoms and critical sectors should implement multi-layered, proactive security strategies to mitigate risks. 👉 Defense recommendations: 🛡️ Robust patch management and vendor oversight. 🛡️ Enhance network monitoring and threat hunting. 🛡️ Strengthen authentication for remote and privileged access. #CyberSecurity #CriticalInfrastructure #ProactiveSecurity

🚨 I'm Hiring a Marketing Manager! 🚨 Are you a highly organized and strategic event planner with a passion for creating impactful experiences? Securin Inc., a cybersecurity company based in New Mexico, is looking for an Events Marketing Manager to lead and execute a variety of events, from industry conferences and trade shows to executive dinners and customer appreciation events. If you thrive in fast-paced environments and love turning ideas into unforgettable experiences, we want to hear from you! 📌 Apply here: https://lnkd.in/gW5a4UTH Know someone who would be a great fit? Please share this post with your network! Interested? Have questions? Reach out to me directly! Let’s connect. #Hiring #EventMarketing #MarketingJobs #CyberSecurity #NewMexicoJobs #EventPlanning #MarketingManager #JobSearch #NMjobs Deepika Gajaria

🚨 How Strong Is Your 2025 Cybersecurity Posture? Don’t guess—test it against the ACSC Essential Eight. 🚨What is the ACSC Essential Eight? The Essential Eight is an easy-to-implement set of eight key protocols designed to help Australian businesses assess and strengthen their defenses, moving from basic protections to a robust, multi-layered security approach. 🚨Why Should It Matter To You in 2025? Cybersecurity gaps = vulnerabilities. The Essential Eight helps businesses close these gaps, reduce risk, and stay proactive in defending against costly breaches. 📌 How Securin Can Help: e can help you know where you stand with a simulated real-world cyberattack and meet your compliance needs by improving your security posture before vulnerabilities are exploited. 📖 Read our blog on Australia’s Essential Eight and how it can help you build a stronger cybersecurity posture: https://lnkd.in/gSaAiAik 📩 Contact us today to improve your security: https://lnkd.in/g8KYrVhE 🚨 #CyberSecurity #EssentialEight #ACSC #RiskManagement #PenTesting #Securin #VulnerabilityManagement Australian Signals Directorate | Australian Cyber Collaboration Centre | Australian Cyber Network | Australian Information Security Association (AISA)

Will the new SOCI Amendment Act 2024 put Australian organizations in a tight spot? New cybersecurity laws now apply to organizations handling critical infrastructure data. Failure to comply can result in severe penalties, security breaches, and operational disruptions. ⚠Stricter compliance requirements ⚠Increased focus on cyber resilience ⚠️ Non-compliance carries heavy fines If your business works with critical data, you must act now. Is your organization ready? Get compliance guidance: https://lnkd.in/gxAMnf-q #SOCIAmendment #CyberSecurity #CriticalInfrastructure #Compliance #Securin | Australian Signals Directorate | Australian Cyber Collaboration Centre