Intelligence

Our latest thinking and insights.

Hacker’s Perspective: Web App Vulnerabilities – Detailed Error Messages
Hacker’s Perspective: Web App Vulnerabilities – Detailed Error Messages
Detailed error messages may seem unimportant, but they can be very valuable for attackers. Here's more on why they are important and how you can fix this web app vulnerability.
Posted on Jan 18 / 2022
Cyber Intelligence Weekly (Jan 16, 2022): Our Take on Three Things You Need to Know
Cyber Intelligence Weekly (Jan 16, 2022): Our Take on Three Things You Need to Know
This weekly post shares our intel around some of the major developments on the future of cybersecurity. This week: Russia Pretends to Care About Criminal Cybersecurity Activity for a Day, Ukraine State Websites Hit with Cyber Attack, and EU Police Agency, Europol, Forced to Delete Mass Amounts of Personal Data
Posted on Jan 16 / 2022
Hacker’s Perspective: Web App Vulnerabilities – Invite Feature
Hacker’s Perspective: Web App Vulnerabilities – Invite Feature
Hidden dangers within your web app’s ‘invite’ feature, why it matters, and how you can fix it.
Posted on Jan 13 / 2022
CMMC 2.0 - Three Big Reasons to Start the Compliance Process Now
CMMC 2.0 - Three Big Reasons to Start the Compliance Process Now
The DoD’s Cybersecurity Maturity Model Certification (CMMC) framework is changing, but there are many advantages to beginning your compliance journey now rather than later.
Posted on Jan 13 / 2022
Cyber Intelligence Weekly (Jan 9, 2022): Our Take on Three Things You Need to Know
Cyber Intelligence Weekly (Jan 9, 2022): Our Take on Three Things You Need to Know
This weekly post shares our intel around some of the major developments on the future of cybersecurity. This week: Commercial Antivirus Products Now Come with Free Crypto Miners! (Not Kidding), Stalking/Privacy Concerns Abound with Apple AirTag Device, and Russian IT Exec Recently Captured for Insider Trading May Have Deep Kremlin Ties
Posted on Jan 09 / 2022
Cyber Intelligence Weekly (Jan 2, 2022): Our Take on Three Things You Need to Know
Cyber Intelligence Weekly (Jan 2, 2022): Our Take on Three Things You Need to Know
This weekly post shares our intel around some of the major developments on the future of cybersecurity. This week: Cheers to Y2K22! Should old acquaintance Microsoft Exchange be forgot, and never brought to mind?, Users of Popular Password Manager Targeted in Credential Stuffing Attacks, and Shutterfly Hit with Massive Ransomware Attack
Posted on Jan 02 / 2022
Top 10 Cybersecurity Articles in 2021
Top 10 Cybersecurity Articles in 2021
At Echelon, our team takes pride in contributing to and participating in our cybersecurity community. We regularly publish articles on our Intelligence blog to help our clients (and everyone!) stay vigilant. Here are the top 10 articles from 2021.
Posted on Dec 20 / 2021
Cyber Intelligence Weekly (Dec 19, 2021): Our Take on Three Things You Need to Know
Cyber Intelligence Weekly (Dec 19, 2021): Our Take on Three Things You Need to Know
This weekly post shares our intel around some of the major developments on the future of cybersecurity. This week: Log4j Fallout Continues and New Vulnerabilities Uncovered, What Management Should be Asking About Log4j/Log4Shell, Microsoft and Mandiant Observe Exploitation of Log4Shell in the Wild
Posted on Dec 19 / 2021
Log4shell: How Attackers are (Currently) Breaking the Internet, and How to Mitigate
Log4shell: How Attackers are (Currently) Breaking the Internet, and How to Mitigate
Websites are like buildings. If your website's foundation is vulnerable to Log4j, check out this overview of the attack, how to test for it, and how to mitigate it.
Posted on Dec 16 / 2021
Top 7 Cybersecurity Predictions for 2022
Top 7 Cybersecurity Predictions for 2022
As 2021 winds down, we take a peek into the future of cybersecurity for 2022. Will our predictions come true?
Posted on Dec 14 / 2021
Cyber Intelligence Weekly (Dec 12, 2021): Our Take on Three Things You Need to Know
Cyber Intelligence Weekly (Dec 12, 2021): Our Take on Three Things You Need to Know
This weekly post shares our intel around some of the major developments on the future of cybersecurity. This week: Critical Vulnerability in Ubiquitous Java Logging Utility, Log4j, America Runs on D̶u̶n̶k̶i̶n̶ AWS, Emotet Malware Making a Strong Comeback
Posted on Dec 12 / 2021
Cyber Intelligence Weekly (Dec 5, 2021): Our Take on Three Things You Need to Know
Cyber Intelligence Weekly (Dec 5, 2021): Our Take on Three Things You Need to Know
This weekly post shares our intel around some of the major developments on the future of cybersecurity. This week: Former Ubiquiti Developer Charged by FBI for Extorting His Employer, NSO Group Tools Target U.S. and Other Officials in Uganda, and Hackers Are Spamming Businesses’ Receipt Printers With ‘Antiwork’ Manifestos
Posted on Dec 05 / 2021
Cyber Intelligence Weekly (Nov 28, 2021): Our Take on Three Things You Need to Know
Cyber Intelligence Weekly (Nov 28, 2021): Our Take on Three Things You Need to Know
This weekly post shares our intel around some of the major developments on the future of cybersecurity. This week: GoDaddy Announces Security Incident Affecting Managed WordPress Service, Apple Sues NSO Group to Curb the Abuse of State-Sponsored Spyware, Brian Krebs Rings Alarm Bell on Zelle Fraud Scam for a Second Time
Posted on Nov 28 / 2021
Cyber Intelligence Weekly (Nov 21, 2021): Our Take on Three Things You Need to Know
Cyber Intelligence Weekly (Nov 21, 2021): Our Take on Three Things You Need to Know
This weekly post shares our intel around some of the major developments on the future of cybersecurity. This week: United States Charges Two Iranians with Attempting to Interfere with 2020 Presidential Election, $500 million in Cyber Spending Inches Closer to Reality as Part of 'Build Back Better' Bill, and Cisa Release Playbook for Incident Response.
Posted on Nov 21 / 2021
Cyber Intelligence Weekly (Nov 14, 2021): Our Take on Three Things You Need to Know
Cyber Intelligence Weekly (Nov 14, 2021): Our Take on Three Things You Need to Know
This weekly post shares our intel around some of the major developments on the future of cybersecurity. This week: Robinhood Announces Data Breach, Millions of Records Involved, FBI Systems Abused in Hoax Email Blast, 50+ Flaws In This Month’s Patch Tuesday from Microsoft.
Posted on Nov 14 / 2021
Embracing New Technology? Here’s How to Keep Cybersecurity Top of Mind
Embracing New Technology? Here’s How to Keep Cybersecurity Top of Mind
As technology advances at an unprecedented pace, many businesses are aggressively accelerating adoption to maintain a competitive advantage. But there’s a big risk for those who don’t keep cybersecurity top of mind.
Posted on Nov 10 / 2021
Cyber Intelligence Weekly (Nov 7, 2021): Our Take on Three Things You Need to Know
Cyber Intelligence Weekly (Nov 7, 2021): Our Take on Three Things You Need to Know
This weekly post shares our intel around some of the major developments on the future of cybersecurity. This week: Department of Defense Cybersecurity Framework - CMMC - Gets Major Overhaul, Company Directors and Boards in the Crosshairs Over Cyber Incidents, and Israeli Spyware Producer NSO Group Blacklisted by US Government
Posted on Nov 07 / 2021
CMMC Update: November 5, 2021 - Five Key Takeaways
CMMC Update: November 5, 2021 - Five Key Takeaways
The Cybersecurity Maturity Model Certification (CMMC) underwent a huge makeover in the last 48 hours. Here is what you need to know.
Posted on Nov 05 / 2021
Cyber Intelligence Weekly (Oct 31, 2021): Our Take on Three Things You Need to Know
Cyber Intelligence Weekly (Oct 31, 2021): Our Take on Three Things You Need to Know
This weekly post shares our intel around some of the major developments on the future of cybersecurity. This week: Microsoft Sets Sights on Closing the Cybersecurity Skills Gap, PAX Technology Raided by FBI, Key Member of REvil Ransomware Gang Identified.
Posted on Oct 31 / 2021
Cyber Intelligence Weekly (Oct 24, 2021): Our Take on Three Things You Need to Know
Cyber Intelligence Weekly (Oct 24, 2021): Our Take on Three Things You Need to Know
This weekly post shares our intel around some of the major developments on the future of cybersecurity. This week: Ransomware Gang Recruits Tech Talent Through Fake Company, High Profile YouTube Accounts Targets for Hackers, and Maker of Candy Corn Hit by Ransomware
Posted on Oct 24 / 2021
Cyber Intelligence Weekly (Oct 17, 2021): Our Take on Three Things You Need to Know
Cyber Intelligence Weekly (Oct 17, 2021): Our Take on Three Things You Need to Know
This weekly post shares our intel around some of the major developments on the future of cybersecurity. This week: Clicking the F12 Button Considered ‘Hacking’ Per Missouri Governor, Deep Fakes Gaining Steam in Elaborate Social Engineering Attacks, and Phishers Getting Tricky with Coinbase Fraud
Posted on Oct 17 / 2021
Cyber Intelligence Weekly (Oct 10, 2021): Our Take on Three Things You Need to Know
Cyber Intelligence Weekly (Oct 10, 2021): Our Take on Three Things You Need to Know
This weekly post shares our intel around some of the major developments on the future of cybersecurity. This week: Facebook, Instagram and WhatsApp Endure Major Outage, Major Telecom Provider Announces Five-Year-Long Security Breach, and Twitch Confirms Massive Breach, Company Data on 4Chan.
Posted on Oct 10 / 2021
SC Media Interview: Cyber pros used OSINT and sock puppets to aid mass Afghanistan evacuation
SC Media Interview: Cyber pros used OSINT and sock puppets to aid mass Afghanistan evacuation
In this interview and article from SC Media, Dan Desko and Dahvid Schloss discuss how the Echelon Risk + Cyber team used their cyber skills to help at least 50 Afghan refugees to safety.
Posted on Oct 08 / 2021
Risk + Cyber Perspectives: Securing Financial Services
Risk + Cyber Perspectives: Securing Financial Services
In this video discussion with Matt Tolbert, Senior Cybersecurity Examiner for the Federal Reserve Bank of Cleveland, Matt and Dan discuss risks of remote workforces, planning for disruptions, mitigating 3rd party risks, going to the cloud, supply chain threats, and resilience in the future.
Posted on Oct 07 / 2021
Case Study: Bell and Howell Improves Cyber Posture with Echelon’s Unique Collaborative Approach to Pen Testing
Case Study: Bell and Howell Improves Cyber Posture with Echelon’s Unique Collaborative Approach to Pen Testing
Bell and Howell partnered with Echelon Risk + Cyber to test the security of their systems, ensuring that they will continue to be protected from future cyberattacks and avoid any future disruption to their systems.
Posted on Oct 06 / 2021
Mission Matters Interview: Dan Desko + Adam Torres
Mission Matters Interview: Dan Desko + Adam Torres
Our CEO and Founder Dan Desko was recently interviewed for Mission Matters Innovation with Adam Torres. The interview focuses on our core belief that security and privacy are basic human rights. We're built to live that mission every day.
Posted on Oct 06 / 2021
Cyber Intelligence Weekly (Oct 3, 2021): Our Take on Three Things You Need to Know
Cyber Intelligence Weekly (Oct 3, 2021): Our Take on Three Things You Need to Know
This weekly post shares our intel around some of the major developments on the future of cybersecurity. This week: Death of Infant Nicko Silar Blamed on Ransomware, MFA Meets its Match?, and VMware vCenter Server Critical Vulnerability Exploited in the Wild.
Posted on Oct 03 / 2021
Banking in the Cloud: Key Considerations for IT Leaders
Banking in the Cloud: Key Considerations for IT Leaders
Considering a move to the cloud? There's a lot to think about, especially for financial institutions. This article lays out those obstacles and some considerations for overcoming them.
Posted on Sep 28 / 2021
Cyber Intelligence Weekly (Sept 26, 2021): Our Take on Three Things You Need to Know
Cyber Intelligence Weekly (Sept 26, 2021): Our Take on Three Things You Need to Know
This weekly post shares our intel around some of the major developments on the future of cybersecurity. This week: 2021 Record Year for Zero-Day Exploits, Massive Credential Leakage Occurring Through Microsoft Autodiscover, and FBI Held Back Kaseya Ransomware Decryption Keys for Weeks
Posted on Sep 26 / 2021
Four Ways to Spice Up Your Penetration Testing Routine
Four Ways to Spice Up Your Penetration Testing Routine
Another year, another penetration test? Attackers are evolving, and so should you. Here are four ways to spice up your pen testing routine to be better prepared and reduce your attack surface.
Posted on Sep 22 / 2021
Cyber Intelligence Weekly (Sept 19, 2021): Our Take on Three Things You Need to Know
Cyber Intelligence Weekly (Sept 19, 2021): Our Take on Three Things You Need to Know
This weekly post shares our intel around some of the major developments on the future of cybersecurity. This week: Customer Service Outsourcing Giant TTEC Hit by Ransomware, Apple Releases Patch for Zero-Day, and Another Major Microsoft Vulnerability.
Posted on Sep 19 / 2021
Cyber Intelligence Weekly (Sept 12, 2021): Our Take on Three Things You Need to Know
Cyber Intelligence Weekly (Sept 12, 2021): Our Take on Three Things You Need to Know
This weekly post shares our intel around some of the major developments on the future of cybersecurity. This week: Microsoft Zero Day exploited in the wild, hundreds of public companies in the SEC cyber hot seat for SolarWinds breach, and UN falls victim to major breach.
Posted on Sep 12 / 2021
Cyber Intelligence Weekly (Sept 5, 2021): Our Take on Three Things You Need to Know
Cyber Intelligence Weekly (Sept 5, 2021): Our Take on Three Things You Need to Know
This weekly post shares our intel around some of the major developments on the future of cybersecurity. This week: Cybersecurity awareness during upcoming holidays, Atlassian Confluence security advisory, and WhatsApp privacy breach fines.
Posted on Sep 05 / 2021
Cyber Intelligence Weekly (Aug 29, 2021): Our Take on Three Things You Need to Know
Cyber Intelligence Weekly (Aug 29, 2021): Our Take on Three Things You Need to Know
This weekly post shares our intel around some of the major developments on the future of cybersecurity. This week: Biden gets cyber commits from big tech, MS Power Apps leave data exposed, and CosmosDB vulnerabilities.
Posted on Aug 30 / 2021
DefCon 29 in Review: The Best Sessions, Badge Spoilers and More
DefCon 29 in Review: The Best Sessions, Badge Spoilers and More
Have you solved your badges yet? With another DefCon in the books, here's our take on the best sessions and a close up look at some of the badges.
Posted on Aug 26 / 2021
A Hacker’s Perspective: How to Create a Strong Password (Hint, Length Matters!)
A Hacker’s Perspective: How to Create a Strong Password (Hint, Length Matters!)
From a hacker’s perspective, the essence of password security boils down to two things: how guessable is it and how easy is it to crack encrypted passwords. Here are our tips for creating stronger passwords.
Posted on Aug 24 / 2021
Cyber Intelligence Weekly (Aug 22, 2021): Our Take on Three Things You Need to Know
Cyber Intelligence Weekly (Aug 22, 2021): Our Take on Three Things You Need to Know
This weekly post shares our intel around some of the major developments on the future of cybersecurity. This week: massive insider threat is looming, BlackBerry vulnerabilities, and updates on previous CIW stories.
Posted on Aug 22 / 2021
Cyber Intelligence Weekly (Aug 15, 2021): Our Take on Three Things You Need to Know
Cyber Intelligence Weekly (Aug 15, 2021): Our Take on Three Things You Need to Know
This weekly post shares our intel around some of the major developments on the future of cybersecurity. This week: data breach at T-Mobile, Apple's privacy nightmare, and Microsoft needs to patch patching.
Posted on Aug 16 / 2021
Cyber Intelligence Weekly (Aug 8, 2021): Our Take on Three Things You Need to Know
Cyber Intelligence Weekly (Aug 8, 2021): Our Take on Three Things You Need to Know
This weekly post shares our intel around some of the major developments on the future of cybersecurity. This week: Federal agencies failing at cyber, Apple scans your iCloud photos, and a disgruntled ransomware worker acts out.
Posted on Aug 08 / 2021
A Hacker’s Perspective: Top Three Ways to Mitigate Modern Phishing Techniques
A Hacker’s Perspective: Top Three Ways to Mitigate Modern Phishing Techniques
More people fell victim to phishing than any other form of internet crime in 2020, and this trend is likely to continue. But phishing is not just prevalent - it is evolving. Here are three mitigation strategies for modern phishing techniques, from the perspective of a hacker.
Posted on Aug 04 / 2021
CMMC Compliance 101: Answers to Common Questions
CMMC Compliance 101: Answers to Common Questions
Have you Googled CMMC compliance lately? We want to help clear the air. Avoid the marketing jargon and confusing content with these answers to common questions.
Posted on Aug 02 / 2021
Cyber Intelligence Weekly (Aug 1, 2021): Our Take on Three Things You Need to Know
Cyber Intelligence Weekly (Aug 1, 2021): Our Take on Three Things You Need to Know
This weekly post shares our intel around some of the major developments on the future of cybersecurity. This week: President Biden's memorandum on Critical Infrastructure Cybersecurity, an FBI official advises against banning ransomware payments, and the search engine for hackable websites returns.
Posted on Aug 01 / 2021
Flexible & Secure Remote Penetration Testing in a Changing World
Flexible & Secure Remote Penetration Testing in a Changing World
Over the past year and a half, the worldwide workforce underwent a drastic and rapid paradigm shift that has brought with it new opportunities, attack vectors, and methods to test security. When testing security with penetration testing, partner with a firm using the most modern, advanced tactics to test your readiness for tomorrow’s attackers.
Posted on Jul 29 / 2021
Search
Sections
Cyber Intelligence Weekly Offensive Security: How to Level Up Hacker's Perspective: Tips for Defenders Compliance CISO's Corner Financial Services Manufacturing
Sign up to get Cyber Intelligence Weekly in your inbox.
Latest Intelligence