Key takeaways from the Open Cybersecurity Schema Format
One of the most pervasive challenges in the current cybersecurity environment is an overabundance of tooling vendors, all of...
Day: September 9, 2022
Multi-stage crypto-mining malware hides in legitimate apps with month-long delay trigger
Researchers have discovered a new multi-stage malware delivery campaign that relies on legitimate application installers distributed...
Nvidia partners with Dell and VMware for faster AI systems
New vSphere paired with Nvidia DPUs will speed up data center performance. (CSO Online)
Traceable AI debuts API testing product for its security platform
Traceable AI today announced the general availability of xAST, an API security testing solution, as part of...
Stuxnet explained: The first known cyberweapon
What is Stuxnet? Stuxnet is a powerful computer worm designed by U.S. and Israeli intelligence to disable a key part...
Resolving conflicts between security best practices and compliance mandates
So, you read a great tip on the internet and think it would improve your security posture. Before...
Women in cybersecurity form non-profit organization The Forte Group
A group of over 90 women working in cybersecurity roles have formed The Forte Group, a non-profit organization...
Hackers Exploit Zero-Day in WordPress BackupBuddy Plugin in ~5 Million Attempts
A zero-day flaw in a WordPress plugin called BackupBuddy is being actively exploited, WordPress security company Wordfence has...
New Vulnerabilities Reported in Baxter’s Internet-Connected Infusion Pumps
Multiple security vulnerabilities have been disclosed in Baxter's internet-connected infusion pumps used by healthcare professionals in clinical environments to...
Palo Alto adds new SaaS compliance, threat prevention, URL filtering features to Prisma solution
Cybersecurity vendor Palo Alto Networks has announced new updates to its Prisma Secure...
Intro to MongoDB’s queryable encryption
Queryable encryption was the main attraction at MongoDB World 2022, for understandable reasons. It introduces a unique capability to reduce the attack...
Dashlane launches integrated passkey support for password manager with new in-browser passkey solution
Password management vendor Dashlane has announced the introduction of integrated passkey support in its...
Remediant wants to move beyond PAM to secure enterprise networks
Security software provider Remediant wants to move beyond basic privileged access management (PAM) to help CSOs secure...
Ragnar Locker continues trend of ransomware targeting energy sector
The recent attack on Greece’s largest natural gas transmission operator DESFA by ransomware gang Ragnar Locker is the...
Apple pushes out emergency updates to address zero-day exploits
Apple has encouraged users of older mobile and desktop devices to update their software ASAP, as a vulnerability...
OpenSSF releases npm best practices to help developers tackle open-source dependency risks
The Open Source Security Foundation (OpenSSF) has released the npm Best Practices Guide to help...
Top 12 managed detection and response solutions
Of all foundational elements for information security, logging requires far more care and feeding than its fellow cornerstones such as...
How Azure Active Directory opens new authentication risks
It's been common knowledge for years that local Windows Active Directory networks are vulnerable to NTLM relay and pass-the-hash...
Samsung reports second data breach in 6 months
Samsung has opened up about a data breach it detected on or around August 4, affecting the personal information...
The Heartbleed bug: How a flaw in OpenSSL caused a security crisis
What is Heartbleed? Heartbleed is a vulnerability in OpenSSL that came to light in April...
‘DangerousSavanna’ Hackers Targeted Financial Institutions in Africa For Two Years
The campaign relied on spearphishing techniques to initiate infection chains.
Ukraine Shutters Two More Russian Bot Farms
Facilities used to spread Russian disinformation.
NATO-Member Albania Cut Ties With Iran Over Cyber-Attack
Tehran denied any link, claiming Tirana’s action was “based on such baseless claims”.
Google urges open source community to fuzz test code
We'll even get our checkbook out, web giant says. Google's open source security team says OSS-Fuzz, its community...
The North Face Warns of Major Credential Stuffing Campaign
Apparel giant detects unusual activity on accounts.
Ransomware attacks on retailers rose 75% in 2021
Retailers are fast becoming the favorite targets for ransomware criminals, with two out of three companies in the sector...
A Pocket Guide to FAIR
FAIR, short for Factor Analysis of Information Risk, is a risk quantification methodology founded to help businesses evaluate information risks. FAIR...
Mandiant ‘highly confident’ foreign cyberspies will target US midterm elections
It is with a heavy heart that we must announce that the hackers are at it again...
North Korean state-sponsored hacker group Lazarus adds new RAT to its malware toolset
Security researchers have discovered a new remote access Trojan (RAT) being used in attack...
Researchers Reveal New Iranian Threat Group APT42
Group has been active since at least 2015.