Executive Summary – Continued Attacks on USA Law Firms

By Eric Taylor | January 16, 2025 | Comments Off on Executive Summary – Continued Attacks on USA Law Firms

Executive Summary A cybercriminal operating under the alias CeFarir0ne has put up for sale unauthorized Remote Desktop Protocol (RDP) access to an unidentified law firm based in the United States. According to the forum listing, the law firm generates approximately $5 million in annual revenue. The access being sold includes: A user-level domain account One domain controller One domain trust…

Read More

BianLian Data Extortion Group – Updated Advisory

By Eric Taylor | November 21, 2024 | Comments Off on BianLian Data Extortion Group – Updated Advisory

The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) have released a joint Cybersecurity Advisory detailing the tactics, techniques, and procedures (TTPs) of the BianLian ransomware and data extortion group. This advisory, updated as of November 20, 2024, provides critical…

Read More

Are You Using M365 Co-pilot? Beware of Missing Logs and Hidden Costs

By Eric Taylor | November 12, 2024 | Comments Off on Are You Using M365 Co-pilot? Beware of Missing Logs and Hidden Costs

Leveraging M365 Co-pilot’s AI capabilities can be transformative for organizations, but recent insights underscore that logging and auditing around Co-pilot aren’t just optional—they’re crucial for maintaining security, compliance, and enabling effective digital forensics. According to Microsoft’s documentation, M365 Co-pilot and its associated services do not automatically enable comprehensive logging by default. This poses critical concerns…

Read More