DEFENSESTORM

Cyber Security RESOURCES

Thought leadership and customer testimonials are some of the many ways we build a community of trust. These cyber security resources highlight our recent research and success stories.

CISO on Cyber Risk: Embracing Accountability and Transparency in the Wake of the SolarWinds Lawsuit

Insights

Cyber risk insights from the desk of DefenseStorm’s Chief Information Security Officer, William Wetherill.

The Importance of Cyber Security Asset Management

Insights

Cyber security asset management is a critical concern for any organization, regardless of its size or industry. For financial institutions (FIs), it’s vital due to the sensitive data and valuable assets they are entrusted to safeguard. While there are many aspects to consider in building a robust cybersecurity program, one crucial component is effective asset management.

Fraud Prevention Releases: User Behavior Analytics (UBA) model in GRID Active

Insights

GRID Active Fraud Prevention is powered by machine learning and helps financial institutions to proactively detect fraud and monitor suspicious non-monetary activities, complementing rules-based approaches to detect fraudulent activities.

SIM Swapping – A Tried and True Tactic

Insights

SIM swapping is nothing new. If you stay up to date with cybersecurity news and events, you are likely bombarded with technical analysis of the latest ransomware, malware, dropper, trojan, or vulnerability that was exploited by bypassing controls and using “living off the land” techniques.

While these tactics, techniques, and analyses are incredibly important and useful, we can often forget that it’s sometimes the simple, age-old ways of getting your information and property that can also harm us.

Holiday Fraud Delivery Notification Scams: “You have a package for delivery!”

Fraud Squad

With the holiday season just around the corner, it’s a time for celebrations, travel, and shopping, but it’s also prime time for fraudsters to prey on unsuspecting consumers. Amidst the hustle and bustle of planning and festivities, people become easy targets for scammers.

Critical Severity Authentication Vulnerability: CVE-2023-22518

Threat Alerts

A recent vulnerability has been discovered in Confluence Server and Data Center and is being tracked as CVE-2023-22518. At the time of this writing, this vulnerability is NOT known to have been exploited; however, Atlassian is recommending that those impacted take immediate action. The information below was taken directly from the Atlassian FAQ page for CVE-2023-22518, and the page was last updated on November 1, 2023.

Account Holder Fraud Prevention in Banks: Alert Enhancements

Insights

As fraud prevention in banking continues to be crucial in today’s digital landscape, it’s imperative for fraud investigators to utilize efficient tools that empower and support their investigative work.  The current Trigger and Alert views have been strategically modified to enhance the service provided to fraud investigators where they can now see relevant information that is intuitive to their role.

The Impact of AI on Cybersecurity Part 3: The DefenseStorm Approach to Cybersecurity and AI

Insights

In our final entry into our series, The Impact of AI on Cybersecurity, we will explore how DefenseStorm utilizes AI in our own built-for-banking technology.

Deepfake Scam “Mom, Dad, I need your help.”

Fraud Squad

In the latest article in our Fraud Squad series, we cover a deepfake scam that started with a call, a familiar voice, and a frantic plea for help. One couple was scammed out of nearly $10,000 when they received a call from someone they believed to be their incarcerated son requesting money for bail.

Cyber Threat Surveillance Operations (CTS Ops) Team

Datasheets

The DefenseStorm Cyber Threat Surveillance Operations (CTS Ops) team is an extension of your cybersecurity team to bolster your cyber defenses and ensure your FI is threat ready. Our team’s professional expertise and certifications make them your ally in the fight against cybercrime, diligently working to stop threats from becoming costly and destructive attacks.

Firewall Security: Strengthening the Weakest Link in Cybersecurity

Insights

Innovations in technology and security are top of mind for banks and credit unions, and when it comes to firewall security, it is critical to strengthen the weakest link in your cybersecurity efforts. As cyber risks evolve, institutions of all asset sizes must prioritize and invest in strengthening cybersecurity efforts.

Malware: Xenomorph Android Banking Trojan

Threat Alerts

Xenomorph, an Android banking trojan, has resurfaced in a more advanced form. Originally discovered in early 2022, this malicious software was initially targeted at European banks using screen overlay phishing techniques and was distributed through Google Play. However, the latest iteration of Xenomorph has expanded its scope to include over 35 financial institutions in the United States and various cryptocurrency applications. 

The Impact of AI on Cybersecurity Part 2: The Role of AI in Financial Services

Insights

In Part 2 of our series, The Impact of AI on Cybersecurity, we will take a look at the role of AI in financial services. The industry has been pushed to be more dynamic to meet the demands of customers, regulatory requirements, and security threats, and remain competitive while safeguarding customer data and assets.

PSA – MICROSOFT MITIGATES DATA EXPOSURE

Threat Alerts

If you haven’t already, you will likely begin to see cyber news headlines about a massive data exposure related to Microsoft. While the exposure is bad and nothing to overlook, the report coming from Microsoft is that “No customer data was exposed, and no other internal services were put at risk because of this issue. No customer action is required in response to this issue.” This was taken directly from Microsoft’s Security Research and Defense page.

Understanding Business Email Compromise

Insights

Business email compromise (BEC) is a type of cyberattack that usually occurs through some type of social engineering campaign where the criminals assume the identity of a trusted person or organization and attempt to influence their victims into providing money through transfers or other digital payments, divulging personal information, making phony purchases, providing credentials to accounts, etc.

Zelle Bank Impersonation Scam

Fraud Squad

As peer-to-peer (P2P) digital payment platforms like Venmo and PayPal rapidly grew in popularity for their ability to provide easy, convenient money transfers, several major banks collaborated to create Zelle. The new transfer application promised to be “the next big thing” in banking, yielding near-instantaneous transfers directly between banks. Unfortunately, with new digital technology comes increased risk.

PSA – CISA Warns of Hurricane Related Scams

Threat Alerts

With the recent natural disasters that have occurred, it’s important to be aware that bad actors will attempt to leverage those devastating incidents for gain. CISA has released a warning urging users to be aware of malicious activity when these types of incidents occur. Please read the alert from CISA below.

Redefining Cybersecurity Part 5: Cyber Risk Awareness

Insights

In the final installment of our Redefining Cybersecurity series, we explore Cyber Risk Awareness. While the deployment of new technology is critical to ensuring cyber risk readiness, a lack of training and awareness is a significant liability to any institution.

The Impact of AI on Cybersecurity Part 1: The Role it Plays

Insights

The role of AI in cybersecurity is tremendous. AI is transforming daily business practices and enhancing the customer experience for most industries, but it is imperative to effectively balance technological advancement with close oversight while these technologies are rolled out.

Life Savings Lost to a Bank Scam

Fraud Squad

A small business owner recently fell victim to a sophisticated bank scam that drained her life savings, where scammers exploited two-factor authentication to gain access and withdraw money from her account. This cautionary story serves as a warning about the increasing prevalence of fraud and emphasizes the significance of using effective fraud detection systems.

NCUA Cyber Incident Notification Requirements

Insights

The NCUA Cyber Incident Notification Requirements go into effect September 1, 2023. The final rule requires that covered institutions notify the NCUA as soon as possible, and no later than 72 hours, after the credit union reasonably believes it has experienced a reportable cyber incident or received a notification from a third party regarding a reportable cyber incident.

Possible LinkedIn Account Hijacking Campaign

Threat Alerts

While nothing official has been published by LinkedIn at the time of this post, accounts on the platform appear to be coming under attack in some type of hacking campaign of unknown origin. Users are reporting on multiple other outlets that their accounts have been taken over, that they have been locked out of their accounts, and that they are having difficulty resetting accounts to regain access.

Redefining Cybersecurity Part 4: The Power of a Buyer’s Guide

Insights

Part 4 of our Redefining Cyber Security series explores the power of a buyer’s guide, a vendor-neutral tool created by DefenseStorm to help FIs efficiently shop for new cyber security risk management solutions.

PSA – Midnight Blizzard conducts targeted social engineering over Microsoft Teams

Threat Alerts

Internal communication applications, IE: Slack, MS Teams, etc.  Criminals are establishing domains that appear to be from legitimate technical support entities and then attempting to reach out to individuals to gain access to target users’ devices.  The below article was authored by Microsoft Threat Intelligence and taken from Microsoft directly and provides additional detail and threat actor attribution for these types of attacks.

The Role of Governance and Risk Assessment in Cybersecurity Success

Webinars & Videos

As the financial sector continues to embrace digital transformation, threat actors remain poised to exploit every vulnerability exposed. The ever-evolving threat landscape elicits a proactive cyber risk management solution that can pivot to address emerging threats as they materialize, and credit unions are faced with mounting pressure to prove their ability to prevent, detect, and mitigate those threats. Despite the many unique challenges and requirements in cyber risk management, credit unions can succeed in cybersecurity by establishing effective governance and utilizing risk assessments.

Redefining Cybersecurity Risk Management Part 3: Bridging the Communication Gap

Insights

An effective cyber risk management strategy requires everyone within the FI to work together with a unified goal for budget allocation and solution implementation.

You Play Like You Practice: Cyber Incident Response

Insights

Military, law enforcement, and first responders train constantly to be prepared for anything that they may face during their careers, so when those particular situations arise, they are confident, efficient, and knowledgeable about how to deal with and resolve the incident. Cyber incident response is no different.

Redefining Cybersecurity Part 2: Cyber Security Risk Readiness

Insights

With a deeper understanding of this shift in ideology from reactive to proactive solutions, the question arises about your financial institution’s (FI’s) level of cyber security risk readiness.

MOVEit Critical Transfer Vulnerability

Threat Alerts

Earlier in June, DefenseStorm became aware of a vulnerability disclosure involving MOVEit and posted an article. The casualty list for this vulnerability is growing by the day, largely due to exploitation of unpatched instances by the Clop Ransomware gang.

This is an update and a reminder to stay current on patching and to patch the MOVEit vulnerabilities as soon as possible.

Redefining Cybersecurity Part 1: Cybersecurity and Risk Management

Insights

In this five-part series, Redefining Cybersecurity, we will walk your FI through the process of evaluating your current state of cybersecurity and risk management so you can employ more efficient solutions to stay threat ready and compliant.