Our brand in today’s cybersecurity landscape
It is our ambition to constantly advance cybersecurity. We have expanded our focus from a pure service perspective to offer product solutions for companies of all sizes. With Smart Solution, we are making cybersecurity accessible to small and medium-sized enterprises as well, so we have – quite naturally – evolved.
The portfolio has expanded and our efforts remain the same: to warn customers and companies of IT risks at an early stage and to protect them from cyberattacks. To do so, we rely on our specially developed technological platform and years of expertise, which will now also be reflected visually.
We are pleased to present the newly adapted logo including our tagline.
Radar Pulse 2019
After weeks of teasing highlights and talks, our very first Radar Pulse Cybertechnology Conference took place on June 4th in Vienna. We were delighted about so many people joining us. It was an amazing opportunity to showcase our expertise, innovations and products. Following the talks, customers and partners had the opportunity to visit the Radar Exhibition to get further information and to meet the experts from Radar Cyber Security.
Our topics touched on Radar Smart Solution, Log Data Analytics (LDA) & Machine Learning, the RadarPlatform and the Radar Analytics Interface: RAIN. Here’s a short video recap of the highlights from our first Radar Pulse Conference >>
Cyber Security Report 2018
Radar Cyber Security focuses on cybersecurity. That is why it is important to understand the concerns, software and IT landscapes of customers, as well as the processes and the environment in which these systems are used. This also applies to risks, which we do not look at in isolation but understand in their context. In our review, our experts provide tips on a wide range of security areas, from operational technology to small and medium-sized enterprises and the Internet of Things. Of particular importance are their tips on improving security.
Brief Report on the current Cybersecurity Threat Situation
A large amount of malware tries to exploit the same few vulnerabilities. Once they are discovered, these vulnerabilities should be patched immediately to minimize the risk. Despite numerous new threats being developed daily, many of them rely on old, known security vulnerabilities to work.
Several vulnerabilities were found in applications and infrastructure. Vulnerabilities in the Windows RDP protocol allowed a malicious actor to reverse the usual direction of communication and infect the IT professional's or security researcher's computer. Vulnerabilities in WinRAR potentially exposed 500 million users to remote code execution. Through unpatched Oracle Java vulnerabilities, attackers could potentially modify or control the content of these components: 2D, Libraries, RMI, and Windows DLL. Similar threats could be observed for unpatched versions of Mozilla Firefox, Google Chrome, Adobe Acrobat and Microsoft.
Various network anomalies were also discovered, e.g. suspicious DNS requests, which could indicate a breached machine. Many malware families still reveal their presence through such requests. Strange FTP requests likewise give analysts a convenient way of detecting an infection. The recent version of GandCrab ransomware did just that. GandCrab encrypts the files on the compromised computer quickly and must be dealt with immediately after detection. This malware can also spread by exploiting vulnerable server software.
Emotet is still a viable threat and has the most advanced social engineering capabilities outside of targeted campaigns. Emotet produces deceptively authentic-looking phishing emails. As reported by the experts in our CDC, the initial vectors are still usually DOC files with macros (sometimes delivered as links to Dropbox or other file stores). Fortunately, recent variants could be easily detected using Radar Cyber Security's Threat Intelligence database. Our SIEM rules also reveal their presence by detecting unusual DNS requests and the use of uncommon ports.
In many cases, multiple failed logins in Active Directory point to hackers or bots trying to exploit these to gain access to Enterprise Application Access (EAA) accounts.
Trend analysis by our experts reveals numerous instances of policy violations aimed at gaining access, including:
- Kerberos attempts at local logins
- Account brute force followed by a successful login
- Suspicious use of administrator credentials
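The second pattern in the list above, a burst of failed logins followed by a success, can be expressed as a sliding-window rule. This is an added example, not Radar Cyber Security's SIEM rule; the whitespace-separated log layout, the threshold of 5 and the 10-minute window are assumptions, and the sample records are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample records (not real data): time, event ID, account, source.
# 4625 = failed logon, 4624 = successful logon in the Windows Security log.
SAMPLE_EVENTS = """\
2019-06-01T08:00:01 4625 svc_backup 10.0.5.23
2019-06-01T08:00:07 4625 svc_backup 10.0.5.23
2019-06-01T08:00:12 4625 svc_backup 10.0.5.23
2019-06-01T08:00:19 4625 svc_backup 10.0.5.23
2019-06-01T08:00:24 4625 svc_backup 10.0.5.23
2019-06-01T08:00:30 4625 svc_backup 10.0.5.23
2019-06-01T08:00:41 4624 svc_backup 10.0.5.23
2019-06-01T08:15:02 4625 alice 10.0.7.11
2019-06-01T08:15:09 4625 alice 10.0.7.11
2019-06-01T08:15:20 4624 alice 10.0.7.11
2019-06-01T09:00:00 4625 bob 10.0.9.40
2019-06-01T09:01:00 4625 bob 10.0.9.40
2019-06-01T09:02:00 4625 bob 10.0.9.40
2019-06-01T09:03:00 4625 bob 10.0.9.40
2019-06-01T09:04:00 4625 bob 10.0.9.40
2019-06-01T09:30:00 4624 bob 10.0.9.40
"""
FAIL, SUCCESS = "4625", "4624"

def parse(text):
    """Yield (time, event_id, account, source); skip malformed lines."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 4:
            yield datetime.fromisoformat(parts[0]), parts[1], parts[2], parts[3]

def brute_force_then_success(text, threshold=5, window=timedelta(minutes=10)):
    """Alert when >= threshold failures for an account precede a success within window."""
    recent = defaultdict(deque)   # account -> failures still inside the window
    alerts = []
    for ts, event_id, account, source in sorted(parse(text)):
        fails = recent[account]
        while fails and ts - fails[0][0] > window:
            fails.popleft()                      # expire failures older than the window
        if event_id == FAIL:
            fails.append((ts, source))
        elif event_id == SUCCESS:
            if len(fails) >= threshold:
                alerts.append({"account": account, "failures": len(fails),
                               "sources": sorted({s for _, s in fails}),
                               "success_at": ts.isoformat(), "success_from": source})
            fails.clear()                        # a success resets the streak
    return alerts

if __name__ == "__main__":
    for alert in brute_force_then_success(SAMPLE_EVENTS):
        print(alert)
```

On the sample, only `svc_backup` alerts: `alice` stays under the threshold (a mistyped password), and `bob`'s failures have aged out of the window by the time the login succeeds.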
What our experts from our CDC still observe in their daily work is cryptojacking malware. It allows hackers to take over enterprise computer equipment for mining cryptocurrencies. Currently, cryptojacking is more common than ransomware. Ransomware is still a top cyberthreat, even though fewer instances of major ransomware attacks like WannaCry and CryptoLocker were observed over the past months.
In 2019, new types of fileless malware may appear. Fileless malware uses PowerShell to inflict damage on victims. These threats will target different vulnerabilities and victims and be more diverse, targeting employees in all positions in the enterprise. Macros remain one of the most common and successful ways to distribute malicious software. They hide in Office files and server/client applications, steal credentials, and can be delivered as email attachments or inside ZIP files. As our analysts observe, a malicious macro is the first link in a system compromise.
Last but not least, our cybersecurity experts witnessed botnet-related security events involving large numbers of computers, mostly workstations, which receive commands from C&C.
Meet our experts
Our experts are at your disposal – meet them at conferences and exhibitions or talk to them in webinars online.
Creating the future together
Our multinational team of IT security professionals and enthusiasts continuously provides and enhances our in-house built security solutions and tools. Watch some of our peers talk about life at Radar Cyber Security >>
Q2 2019 review
A short overview of the most important events we have participated in
Several of Radar Cyber Security's developers joined Austria's largest Python event from May 3rd to May 4th to discuss the latest trends and hear awesome speakers on diverse topics.
1st Radar Pulse Conference Vienna
Our first ever conference took place on June 4 in Vienna. Watch the highlights from the Radar Pulse Conference >>
University of Applied Sciences in St. Gallen
On May 7 Aldo Frick gave a lecture on “Strengthening cyber defences with SOC as a Service” at the University of Applied Sciences in St. Gallen. The CEO of Telecom Liechtenstein AG explained why they opted for a SOCaaS approach and which services are offered to customers. The increasing complexity of the IT systems and architecture, risks, internal know-how as well as experience, time expenditure and costs were shown.
Radar Cyber Security Updates
News from Radar Cyber Security >>
Penetration test for OpenSource project
The work of Radar Cyber Security’s Offensive Security Team helps to bolster cybersecurity efforts. >>