Unfortunately, a lot of the work security vendor marketing teams do, as they collectively publish hundreds of articles each week, is wasted.

But maybe some of it just looks wasted, because the titles suggest relatively boring updates lying on the far side of your click.

This past week, there were a lot of updates on attack variants and evidence of damage. One example: 

Proofpoint Threat Insight
Emotet Tests New Delivery Techniques
…the new activity observed by Proofpoint is a departure from their typical behaviors and indicates the group is testing new attack techniques on a small scale before adopting them for larger volume campaigns. The messages contained OneDrive URLs that hosted a zip archive containing XLL files dropping Emotet malware.

It’s a bit of hard news and I think it’s good discipline for vendors, to the extent that they directly discover it via their products or services, to share it. 

A lot of this kind of stuff never gets anywhere, and I suspect the reason is that it’s not really news. “Enterprises Still Not Coping with Ransomware” is probably not news, to take a hypothetical example. 

You might expect the same fate for the Proofpoint piece, but you’d be wrong. For one thing, it fell in a relatively slow news week. For another, Emotet got people’s attention when it first broke out, then took a several-month hiatus of sorts, and now is back.

Even with all the prior coverage of Emotet, Proofpoint’s blog entry snuck onto the bottom of page one of SERPs for “emotet” the day after the piece went live. That’s crazy good stuff right there, SEO-wise.

But the value of the piece from a marketing perspective was considerably greater than that. The top of the SERPs for “emotet” is a “Top Stories” header that features four separate stories built on this same blog post that appeared on Threatpost, Bleeping Computer, CyberScoop, and The Hacker News. 

Each article, as you’d expect, explicitly calls out the Proofpoint research. You can’t force those kinds of results, but from time to time it is indeed possible to score them by dint of good material and savvy timing and presentation (it doesn’t hurt to make a few calls and offer a quotable expert for a phone interview).

Readworthy

Of General Interest

Heimdal Security Blog
Top Exploited Vulnerabilities in 2021 Revealed by Cybersecurity Firms
U.S., Australian, Canadian, New Zealand, and UK cybersecurity authorities assess, in 2021, malicious cyber actors aggressively targeted newly disclosed critical software vulnerabilities against broad target sets, including public and private sector organizations worldwide. These mitigations include applying timely patches to systems and implementing a centralized patch management system to reduce the risk of compromise by malicious cyber actors.

LogRhythm
Attacks on IoT: The Call to Combat Rising Cyberthreats in the Telco Space
Attacks on IoT: In today’s cyberthreat landscape, threat actors are drawn to organizations that operate within critical infrastructure sectors, including telecommunications (telco), due to the potential to cause significant damage and disturbance to critical processes that benefit ordinary people and entire governments.


Technical – of interest:

Wickr Blog
5 Key Elements of a Successful End-to-End Encryption Strategy
A robust E2E encryption solution needs to include five essential elements: asymmetric encryption, complex cryptography, perfect forward secrecy, ephemeral messaging, and user key verification. End-to-end encryption protects all data in transit, so that all text, voice, and video communications stay secure.