Insights

There’s always something happening in the world of cyber security which is why every week Integrity360 highlights just a few of the biggest stories hitting the headlines.

As remote working has steadily become the norm in the post-pandemic period, it’s becoming increasingly clear that many organisations are failing to effectively maintain data security. At the heart of this issue is a lack of data access controls.  

Firewalls are a critical underpinning component of cyber security and implementing the necessary network security controls for the prevention and detection of threats.  

There’s always something happening in the world of cyber security which is why every week Integrity360 highlights just a few of the biggest stories hitting the headlines. 

Is your organisation implementing zero-trust correctly? While thousands of enterprises flocked to implement a zero-trust framework during the Covid-19 pandemic, many have struggled to effectively deploy it within their environments.  

There’s been a cyber security skills shortage for years. It’s an issue the industry continues to struggle with and it’s not going away any time soon. Fortunately, businesses can fill their skill gaps by outsourcing to Managed Security Service Providers (MSSPs) like Integrity360.

Integrity360 and Caretower, two of the most established and respected providers of cyber security services today announced that they have joined forces with Caretower becoming an Integrity360 company. The terms of the transaction were not disclosed.

A month ago, Ponemon and IBM released the Cost of a Data Breach 2021 report, an annual study on the cost of data breaches and the modern threat landscape. The report not only highlighted that the cost of data breaches is on the rise but also showed that enterprises are taking longer to contain security incidents. 

Microsoft has disclosed yet another critical vulnerability not long since PrintNightmare was disclosed. This privilege elevation vulnerability lies in the overly permissive Access Control Lists (ACLs) on the important and sensitive Security Accounts Manager (SAM) database, SYSTEM and SECURITY registry hives. This means that an attacker with a standard non-administrative account can in theory achieve local privilege escalation, masquerade as other users and/or achieve the following:

TrickBot is a banking trojan that was first detected in September 2016 and since that time had been developed to incorporate the targeting of multiple geographies and online services. The malware was developed to gain unauthorized access to customer bank accounts to facilitate fraudulent transactions, but also targeted users of online services such as Salesforce and cryptocurrency services. The malware was reportedly delivered via spam emails containing malicious attachments, including those distributed by the Necurs botnet, and via the RIG exploit kit. In some cases, TrickBot used an exploit called EternalBlue (affects CVE-2017-0144) or Windows API calls to propagate in a local network. The functions and activities of TrickBot are reportedly very similar to the Dyre banking trojan, and it was assessed by researchers to be linked to this trojan, including that at least one of the developers of Dyre was involved in the development of TrickBot.

Integrity360, Ireland’s largest security specialist has announced that it has partnered with Microsoft to bring Microsoft's industry leading security suite to its enterprise clients.

Integrity360, one of the UK and Ireland’s fastest growing cyber security specialists, has today announced a major strategic investment from leading private equity firm August Equity as part of a significant growth and expansion plan that will build the brand internationally.