Types of Malicious File Attacks
Different types of file-based attacks include spear phishing, script injection, file obfuscation, and execution of exploit files.
How Cybercriminals Use Malicious Files
Attackers embed malware in documents, executables, and media files to infiltrate systems, steal data, or gain unauthorized access.
What Are File-Based Attacks?
File-based attacks exploit malicious files to compromise systems, bypass security measures, and deliver malware via emails, downloads, or shared networks.
Fortifying the Perimeter: Static Code Analysis and CDR in a Layered Defense Strategy
In the face of increasingly sophisticated cyber threats, a layered security approach is paramount. While Content Disarm and Reconstruction (CDR) offers a robust method for sanitizing document-based threats by reconstructing files to eliminate active content, its efficacy is limited when dealing with executable files. Executables, by their nature, cannot be reconstructed without altering their fundamental operation, …
Fortifying the Perimeter: Static Code Analysis and CDR in a Layered Defense Strategy Read More »
Removable Media Malware Scanning Kiosks: A Comprehensive Approach to NIST Media Protection
Removable media devices represent a significant attack vector for organizations. USB drives, external hard drives, and other removable media can introduce malware, facilitate data exfiltration, or compromise network integrity if not properly secured. The National Institute of Standards and Technology (NIST) Special Publication 800-53 Revision 5 addresses these concerns through various media protection controls, notably …
The Antivirus Multi-Scan Tradeoff: Striking the Right Balance
Antivirus (AV) solutions are the first line of defense against malware threats, offering essential protection against known attacks. Many organizations adopt AV multi-scanning, using multiple AV engines to increase detection rates and reduce reliance on any single vendor. But is more always better? This article explores the pros and cons of AV multi-scanning, the tradeoffs …
The Antivirus Multi-Scan Tradeoff: Striking the Right Balance Read More »
What’s the Difference Between Firewalls and Data Diodes?
As cybersecurity threats become more sophisticated, organizations must deploy the most effective security measures to protect their critical networks. Two commonly used technologies—firewalls and data diodes—serve distinct purposes in network security. Understanding their differences can help organizations choose the right solution for their security needs. Background: Firewalls vs. Data Diodes The term firewall originates from …
What’s the Difference Between Firewalls and Data Diodes? Read More »
What is Deep Content Inspection (DCI)?
A security process that analyzes files and data for threats beyond simple scanning, ensuring hidden malware is detected.
What is TLS Encryption?
Transport Layer Security (TLS) is a cryptographic protocol that secures data transmission over networks, preventing interception.
What is Secure File Transfer Protocol (SFTP)?
A secure protocol used to transfer files over a network with encryption and authentication mechanisms.
What is Network Segmentation?
The practice of dividing a network into separate sections to improve security and control access.
What is Intrusion Detection & Prevention (IDPS)?
A security solution that detects and responds to potential threats by monitoring network and system activity.
What is a Firewall?
A security system that monitors and controls incoming and outgoing network traffic based on predefined security rules.
Man-in-the-Middle (MitM) Attacks: How They Work
In a MitM attack, cybercriminals secretly intercept and alter communications between two parties to steal data, inject malware, or manipulate transactions.
How Encrypted Malware Bypasses Network Security
Attackers use encryption to disguise malware payloads within network traffic, making it difficult for traditional security tools to detect threats.
The Role of DNS Poisoning in Network Breaches
DNS poisoning (or spoofing) manipulates DNS records to redirect users to malicious websites, intercept sensitive information, or facilitate phishing attacks.
How Attackers Exploit Network Vulnerabilities
Cybercriminals exploit misconfigurations, weak credentials, outdated software, and open ports to infiltrate and compromise networks.
Understanding Lateral Movement in Cyber Attacks
Lateral movement occurs when attackers gain initial access to a network and move across systems to escalate privileges, evade detection, and access sensitive data.
Threat Mitigation Techniques for Network Security
Covers key threat mitigation techniques, from intrusion prevention systems to anomaly detection and response strategies.
How to Secure Networks Against Unknown Threats
Discusses methods to protect networks from unknown threats, including zero-day vulnerabilities and emerging malware.
The Importance of Network Segregation and Isolation
Compares network segregation and isolation, highlighting their unique roles and when to implement each for optimal security.
Network Protection Strategies: Safeguarding Against Evolving Cyber Threats
Discover strategic frameworks and methodologies to build multi-layered network protection that adapts to emerging threat landscapes.
Mastering Network Segmentation A Guide For It Security Teams: Secure Your Digital Infrastructure
In today’s increasingly complex and fast-changing cyber threat environment, network segmentation is crucial for effective security measures. When implemented correctly, it can significantly reduce the risk of attackers moving laterally within the network, limit the impact of any breaches, and improve overall network performance and manageability. However, achieving effective network segmentation requires a thorough understanding …
Gs Analyzer Meeting The Challenge Of Malicious Executables: Secure Your Digital Infrastructure
In cybersecurity, detecting and mitigating threats posed by malicious executable code within benign files is a significant challenge. The 2020 SolarWinds breach exemplifies the damage caused when trusted software updates are compromised, leading to widespread cyber intrusions across government and corporate networks. Malicious executables often remain undetected until activation, as seen in the SolarWinds incident, …
Avoiding Data Diode Disasters Common Pitfalls And Their Mitigations: Secure Your Digital Infrastructure
Data diodes are the go-to solution for securing and segmenting critical networks however, faulty implementation could introduce vulnerabilities. In this post, we’ll explore common pitfalls in data diode implementation – how attackers have taken advantage of them and what you can do to avoid such instances in your network. Configuration Oversights The most obvious and …
Strategic Technological Approaches To Minimize Supply Chain Vulnerabilities: Secure Your Digital Infrastructure
The modern supply chain landscape is a complex web of interconnected entities, spanning across borders and involving intricate digital and physical processes. While these supply chains facilitate global commerce, they also present inherent vulnerabilities and risks, especially in the realm of cybersecurity. In response to these challenges, organizations are increasingly turning to advanced technological strategies …
Gatescanner Mail Gateway Receives Cybersecurity Award: Secure Your Digital Infrastructure
The winners of the 20th Annual 2024 Globee® Awards for Cybersecurity were announced today with Sasa Software named second in the Email and Web Security category, and first in email security. Sasa Software submitted its innovative GateScanner Mail Gateway solution for the protection of enterprise email, which for the first time offers Content Disarm and …
Ai Powered Malware Preventing The Unknown: Secure Your Digital Infrastructure
Malware developers are leveraging AI algorithms to automate and enhance various stages of the attack lifecycle, from reconnaissance to evasion. This results in stealthier and more targeted attacks that can bypass traditional security measures. Conventional security tools struggle to detect AI-generated malware due to its dynamic and polymorphic nature. As a result, network security teams …
Ai Powered Malware Preventing The Unknown: Secure Your Digital Infrastructure Read More »
Optimizing The Sandbox Recognizing And Addressing Limitations: Secure Your Digital Infrastructure
Sandbox technology, a crucial component in cybersecurity, grapples with intricate challenges that necessitate an in-depth understanding for effective mitigation. In this post we will review some approaches to meet current challenges facing this technology. Performance Overhead and Scalability Issues Sandbox environments often face challenges related to performance overhead and scalability. The process of analyzing potential …
Safeguarding Medical Imaging Data Addressing The Orthanc Osimis Dicom Web Viewer Vulnerability: Secure Your Digital Infrastructure
Healthcare organizations rely heavily on DICOM (Digital Imaging and Communications in Medicine) technology for the storage and exchange of medical imaging data. However, a recent advisory from the Cybersecurity and Infrastructure Security Agency (CISA) has shed light on a critical vulnerability in the Orthanc Osimis DICOM Web Viewer, posing a significant threat to the security of medical imaging data. This …
Addressing Security Risks in Digitally Signed PDF Documents
By Yakov Yeroslav, CEO One of the most formidable cyber threats today involves malicious actors exploiting trusted network channels to infiltrate organizations’ infrastructure via infected files – channels that must remain open for regular business operations. To combat this evolving threat landscape, organizations are turning to cutting-edge technology known as Content Disarm & Reconstruction (CDR). …
Addressing Security Risks in Digitally Signed PDF Documents Read More »
The Importance Of Central Management In Sheep Dip Kiosk Implementation: Secure Your Digital Infrastructure
USB drives, while convenient for data storage and transfer, can also introduce several inherent threats to computer systems and networks, such as malware and viruses, autorun exploits and firmware attacks. A commonly used security measure, known by the name “Sheep dip”, is the deployment of USB scanning kiosks. However, to truly maximize the effectiveness of …
New Study From Cisa Cdr Reduces Risk Content In Files By 98: Secure Your Digital Infrastructure
New study from CISA: CDR reduces risk content in files by >98% In a recent study from the Cybersecurity and Infrastructure Security Agency (CISA) that was presented at RSAC 2023 [1], Tom Ruoff and Dr. Olga Livingston showed results of a pilot assessment model for anti-malware controls that tested three CDR solutions in a chained …
New Threat In Rtf Files Cve 202321716: Secure Your Digital Infrastructure
Critical threat in RTF files (CVE-202321716) Microsoft recently announced a newly discovered vulnerability in RTF files that gives unauthenticated users access to remotely execute commands on host machines. An attacker could send a malicious e-mail containing an RTF payload that would allow execution of commands within the application that was used to open the malicious …
New Threat In Rtf Files Cve 202321716: Secure Your Digital Infrastructure Read More »
Sasa Software Wins Award For Medical Imaging Data Security Solution: Secure Your Digital Infrastructure
Sasa Software Wins Award for Medical Imaging Data Security Solution February 26, 2023, Tel Aviv ‘People and Computers’, the leading Israeli IT portal, has announced its winners for the 2022 ‘Excellence in Computing’ competition, naming Sasa Software as an ‘IT Awards’ winner in the Command & Control category, for the new GateScanner Imaging Gateway that combines …
SVG images – the hidden threat your anti-virus can’t see
SVG images – the hidden threat your anti-virus can’t see A new type of file-based attack is spreading quickly, cleverly circumventing standard detection-based protections. This method of attack employes malicious emails with HTML attachments that include embedded, base64-encoded, SVG images. SVG images can, by design, include Javascript tags, and these script tags are now being …
SVG images – the hidden threat your anti-virus can’t see Read More »
Hacking For The Millions The Dark Side Of Chatgpt: Secure Your Digital Infrastructure
Hacking for the Millions: The dark side of ChatGPT Hacking just got a lot easier. With ChatGPT, even novices can craft cutting edge malicious code with the power of an AI knowledge base. ChatGPT, which stands for Chat Generative Pre-trained Transformer, is a chatbot developed by OpenAI. Launched in November 2022, it has been heralded …
Hacking For The Millions The Dark Side Of Chatgpt: Secure Your Digital Infrastructure Read More »
Blocking The Raspberry Robin Usb Worm: Secure Your Digital Infrastructure
Blocking the Raspberry Robin USB Worm The Microsoft Security Threat Intelligence team recently reported the discovery of activity showing that the Raspberry Robin worm is now part of a complex and interconnected malware ecosystem with links to other malware families and alternate infection methods beyond its original USB drive spread. The investigators found that Raspberry …
Blocking The Raspberry Robin Usb Worm: Secure Your Digital Infrastructure Read More »
Sasa Software Named Top Infosec Innovator For 2022: Secure Your Digital Infrastructure
Sasa Software named winner of ‘Top Infosec Innovator’ for 2022 TEL AVIV, OCTOBER 27, 2022 – SASA SOFTWARE the cybersecurity industry’s leading provider of Content Disarm and Reconstruction (CDR) network security solutions today announced that is has been named a winner in the Top InfoSec Innovator Awards for 2022. Sasa Software competed against many of …
Sasa Software Named Top Infosec Innovator For 2022: Secure Your Digital Infrastructure Read More »
Threat Alert / Critical Infrastructure: Avoslocker
| Threat Alert AvosLocker is a Ransomware as a Service (RaaS) affiliate-based group targeting critical infrastructure sectors globally, including, but not limited to, the Financial Services, Critical Manufacturing, and Government Facilities sectors. AvosLocker ransomware encrypts files on a victim’s server and renames them with the “.avos” extension. AvosLocker actors then place ransom notes on the …
Threat Alert / Critical Infrastructure: Avoslocker Read More »
Gartner Cdr Content Sanitization Scores High In Network Infrastructure Security: Secure Your Digital Infrastructure
Gartner: CDR content sanitization technology scores high in network infrastructure security Content Disarm and Reconstruction (CDR) technology is identified by Gartner as a ‘high benefit’ technology for network infrastructure security as it continues to mature towards mainstream adoption. In the latest edition of Gartner’s Hype Cycle report on network security (July ’21)[1], content sanitization technology …
Dicom The Invisible Vulnerability Of Healthcare Networks: Secure Your Digital Infrastructure
DICOM: The ‘Invisible’ Vulnerability of Healthcare Networks Attacks on healthcare systems are a growing concern. Healthcare data is a special category of sensitive data, containing extremely sensitive personal information that make it attractive both for institutional blackmailing – in the form of ransomware, and for individual ransom demands as in the case of high-profile individuals. …
Gatescanner Secure Mail Gateway: Advanced Protection Strategies
On the Future of Email Security Introducing GateScanner Mail Gateway An interview with Yakov Yeroslav, CEO of Sasa Software Q: Sasa Software has been at the forefront of file-based cyber-protection for several years now, with the GateScanner USB Kiosk successfully installed in hundreds of locations around the world. What prompted Sasa Software to go ahead …
Gatescanner Secure Mail Gateway: Advanced Protection Strategies Read More »
GISEC Dubai – Live events are back!
GISEC Dubai – Live events are back! By Oren T. Dvoskin / Global Marketing Director @ Sasa Software Face to face meetings are back! We just returned from GISEC 2021– the Gulf’s leading Cybersecurity event. It was our first F2F event and our first business travel outside of Israel since #COVID. It truly dawned on me …
Supply Chain Attacks And Their Impact On Ot Ics Cybersecurity: Secure Your Digital Infrastructure
Supply Chain Attacks and their impact on OT/ICS Cybersecurity Solarwinds and other supply chain attacks are the initial attack vector on organizations – the first link in a sequence of steps to achieve control and disruption. How can industrial networks be protected? Described by Microsoft’s President Brad Smith as the world’s largest and …
Lessons Learned from the Oldsmar Water Treatment Cyber attack
Lessons learned from the Oldsmar water supply cyberattack Hacked: The water treatment facility in Oldsmar, FL According to a cybersecurity advisory issued jointly last Thursday (2/11) by the FBI, CISA, UEPA and the Multi State ISAC, unidentified cyber actors had obtained unauthorized access to the supervisory control and data acquisition (SCADA) of a U.S. drinking water …
Lessons Learned from the Oldsmar Water Treatment Cyber attack Read More »
Gatescanner Salesforce Connector Brings Data Security To The Cloud: Secure Your Digital Infrastructure
GateScanner-Salesforce connector brings CDR data security to the cloud Sasa Software has teamed up with Assuta Medical Centers, Israel’s largest private medical services provider, and Deloitte Digital, the world’s leading professional services firm, to develop a Salesforce security software connector that deliver Salesforce content protection in a transparent, SaaS-based modality.GateScanner® Content Disarm and Reconstruction (CDR) Salesforce connector is …
Emotet Campaign
Emotet Campaign – Guidance to GateScanner Users Emotet, one of the most famous and dangerous Trojans, has lately been spotted as a part of a mass phishing campaign. The campaign consists of an email which includes a Microsoft Office doc that when clicked gives an Office 365 error message, generated by an obfuscated macro script. The …
Sasa Software Gartner Cool Vendor: Secure Your Digital Infrastructure
Sasa Software named “Cool Vendor” by Gartner, in Cyber-Physical Systems (CPS) Security report 2020. Analyst firm Gartner recently published the “Cool Vendors in Cyber-Physical Systems Security” (CPS) [1] naming Sasa Software in the report. This adds to a previous publication, “Market Guide for Operational Technology Security” [2], identifying Sasa Software in the OT Endpoints Security …
Sasa Software Gartner Cool Vendor: Secure Your Digital Infrastructure Read More »
Sasa Software Partners With Sentinelone To Offer Nextgen Ai Driven Security: Secure Your Digital Infrastructure
Sasa Software Partners with SentinelOne to Offer NextGen AI-driven Security First published on SentinelOne blog Content Disarm and Reconstruction (CDR) is designed to provide a safe, hassle-free solution for the prevention of file-based attacks. Instead of relying on signature-based scanning or sandbox behavioral analysis, the technology breaks the file into its components, and then re-creates …
