The Importance of Security Measures and Posture in Today’s World
Technology has made significant leaps and organisations of all sizes today must prioritize their security posture to protect sensitive information from cyber-attacks, from modern EDR tools to a proper Incident Response plan
FIRMUS Advisory: Royal Ransomware
Started to emerge in early 2022, the Royal ransomware is still active and currently impacting organizations across the globe, including the South East Asia region. Our advisory provides an in-depth analysis of technical details, detection methods, IOCs, Royal Ransomware's hashes and its associated files.
FIRMUS Advisory: MOVEit Ransomware
The MOVEit ransomware was making headlines everywhere worldwide, and since now it has passed, it's crucial for everyone to raise awareness and protect against similar types of threats in the future. Our advisory provides an in-depth analysis of technical details, detection methods, IOCs, and the CLOP ransomware group's TTPs involved in MOVEit attacks.
Why Consolidation of Managed Cybersecurity Service Providers (MSSP) is Inevitable – Through the Lens of an MSSP
With the rise in popularity and importance of cybersecurity monitoring, it paved the way for many local and foreign Managed Cybersecurity Service Providers (MSSP) like SysArmy, Bluesify, Ensign InfoSecurity, DXC, and BlueVoyant; where organisations outsourced their monitoring and management of security devices and systems. Like the US banking industry years ago, this is the dawn of “MSSP Consolidation”; amidst increasing demand for high-quality MSSP as well as tougher competition
Early Warning Alert: ASUS Router Critical Vulnerabilities
ASUS has published updated firmware with cumulative security updates that address vulnerabilities in several router models, advising customers to update their devices immediately or restrict WAN access until they are secure. According to the organisation, the newly released firmware fixes nine security flaws, including a high and critical one.
Cyber Threat Alert: MOVEit Transfer Vulnerability Exploited (CVE- 2023-34362)
MOVEit, a well-known secure file transfer program, is at the center of a high-profile breach known as "Zero-Day MOVEit Transfer Vulnerability" that was recently revealed. This possible flaw might result in elevated privileges and unauthorided access to the environments. The attacking approach is a SQL Injection onto unpatched MOVEit servers, which allows the threat actor to gain access and remotely execute arbitrary code. As a result, it is critical to patch the flaw with the most recent security patches released by Progress Software in order to prevent exploitation efforts.
