Blog

Cybersecurity is becoming a key aspect for any company that wants to ensure the continuity of its business operations, as well as safeguard customer trust and brand reputation. Additionally, the techniques and methods for attacking a company are constantly evolving, becoming much more sophisticated, especially with the use of technologies like Artificial Intelligence.

There are a series of cybersecurity protocols that every organization should have implemented and activated to protect both the internal and external security of the company. This is a way to safeguard data from the clutches of cybercriminals, thus avoiding both economic damage and harm to the company's image and brand reputation.

To ensure the proper functioning and protection of cybersecurity systems within a company, periodic monitoring and evaluation are of utmost importance. Evaluating the organization's IT systems and infrastructure is crucial to understanding their level of cybersecurity.

The MITRE ATT&CK matrix, designed by the MITRE Corporation, is used to describe and catalog fraudulent behaviors in cybersecurity. To do this, it relies on tactics and techniques commonly used by cybercriminals to prevent users from such attacks.

Distributed Denial of Service (DDoS) attacks are a variant of Denial of Service (DoS) attacks and aim to disable a server, a service, or an infrastructure.

One of the most common cyberattacks is phishing and email account hacking. These attacks, increasingly sophisticated, are becoming harder to detect, resulting in a higher success rate compared to other types of attacks.

In a previous article, we talked about Petam.io, the automatic online scanner we have developed to detect security breaches as a tool to democratize cybersecurity.

MDR (Managed Detection and Response) is a managed cybersecurity service, which means it provides real-time monitoring, threat detection, and incident response autonomously. It's a solution that continuously monitors a client's network, identifies potential threats, and takes actions to contain and mitigate them.

In the realm of cybercrime, new methods of cybercriminals violating our rights and taking advantage of them are constantly being detected.

Technology has also made its way into the education sector. Teaching through computers and screens is the most common and widely used method by educational institutions nowadays.

Ransomware  is a type of malware that prevents access to our inforamation. In other words, cybercriminals block access to our files and demand an economic ransom in exchange for restoring access. If we don't comply, they threaten to publicly disclose the encrypted information, wich often includes sensitive data sucha as bank accounts and emails.

What is the main objective of cybercriminals when attacking a company or user? To obtain confidential information that could jeopardize the reputation of an organization or individual, aiming to gain economic benefits in exchange for not making it public.

In 2022, cyberattacks in the healthcare sector surged by 650%, according to Tehtris. These attacks can result not only in the loss of sensitive and confidential data about clients, patients, suppliers, collaborators, etc., but also in the potential theft of formulas or disruption of the organization's activities.

At ESED, as a company specialized in cybersecurity, especially in the healthcare sector, we want to discuss some of the ethical hacking techniques we use in the pharmaceutical sector to ensure the security of their information and prevent data leaks.

In a previous post, we've already discussed phishing, cyberattacks launched through email with the goal of deceiving the user into taking a specific action, such as clicking on a link that includes the download of an infected file.

We refer to cyberfraud as all those crimes or scams that are committed on the internet, whether through a website or the applications we use. Cyberfraud is big business: according to a report from the European Central Bank (ECB), fraudulent transactions amount to 1.8 billion euros annually. In 2019, cybercrimes grew by 36% compared to 2018. According to the Ministry of the Interior, 12 frauds and threats are reported online every hour.

Sharing folders and files is one of the most common practices nowadays, especially now that most of us work in the cloud and spend our days granting and revoking permissions. To you, I say you can only view it, to you, you can view and edit it... and so on all day long. But do we really have control over who has access to the information, who was the last person to modify it, or where it is located?

Let's put ourselves in a bit of context...

Artificial Intelligence (AI) is disrupting various aspects and sectors of our society. This technology, which is here to stay and continues to evolve, initially aimed to make our lives easier and provide support in areas where the execution of certain manual tasks required too much effort, time, and money to accomplish

Pharmaceutical giant Novartis fell victim to a cyberattack. (Clarín, June 2022)

Advisory and consulting firms handle and collect a large amount of data and confidential information that could be vulnerable in the event of a cyberattack.

The loss of files and data, whether due to accidental deletion or the entry of a virus into our system or device, is very common. With the years we have spent in the world of cybersecurity and IT solutions, we have realized that data recovery services or Disaster Recovery continue to be in high demand.

Currently, 94% of users use mobile phones to connect to the Internet, according to the AIMC. A very relevant but worrying figure at the same time. Those of us who work in computer security are aware that mobile security is not usually the same as computer security.