Hackers hide malware in James Webb telescope imagesThreat analysts have spotted a new malware campaign dubbed 'GO#WEBBFUSCATOR' that relies on phishing emails, malicious documents, and space...
Year: 2022
0 - CT 0 - CT - CISO Strategics - Cybersecurity Frameworks 0 - CT - SOC - CSIRT Operations - Threat Hunting Cyber Security News Security on TechRepublic
Sliver offensive security framework increasingly used by threat actors
Sliver offensive security framework increasingly used by threat actorsThe offensive security tool used by penetration testers is also being used by threat actors from the ransomware...
6 different types of CISOs and the environments they thrive in
6 different types of CISOs and the environments they thrive inEXECUTIVE SUMMARY: The CISO’s role is to protect the business from cyber threats, but often times...
Ukraine takes down cybercrime group hitting crypto fraud victims
Ukraine takes down cybercrime group hitting crypto fraud victimsThe National Police of Ukraine (NPU) took down a network of call centers used by a cybercrime group...
Don’t Let ‘Perfect’ Be the Enemy of a Good AppSec Program
Don't Let 'Perfect' Be the Enemy of a Good AppSec ProgramThese five suggestions provide a great place to start building a scalable and affordable program for...
New ODGen Tool Unearths 180 Zero-Days in Node.js Libraries
New ODGen Tool Unearths 180 Zero-Days in Node.js LibrariesNew graph-based tool offers a better alternative to current approaches for finding vulnerabilities in JavaScript code, they note.Leer...
SecureAuth Announces General Availability of Arculix, Its Next-Gen Passwordless, Continuous-Authentication Platform
SecureAuth Announces General Availability of Arculix, Its Next-Gen Passwordless, Continuous-Authentication PlatformNext-gen platform delivers adaptive and robust, continuous authentication with identity orchestration and a frictionless user experience.Leer...
0 - CT 0 - CT - SOC - CSIRT Operations - Cyber Incidents & Attacks Notepad 0 - CT - SOC - CSIRT Operations - Data Leak & Breach Incidents Notepad Cyber Security News DARKReading
The Inevitability of Cloud Breaches: Tales of Real-World Cloud Attacks
The Inevitability of Cloud Breaches: Tales of Real-World Cloud AttacksWhile cloud breaches are going to happen, that doesn't mean we can't do anything about them. By...
0 - CT 0 - CT - SOC - CSIRT Operations - Cyber Incidents & Attacks Notepad Cyber Security News Security Boulevard
NTLMv1 vs NTLMv2: Digging into an NTLM Downgrade Attack
NTLMv1 vs NTLMv2: Digging into an NTLM Downgrade AttackOverview During the summer, my colleague Derya Yavuz and I published an article on some of the different...
0 - CT 0 - CT - CISO Strategics - Supply Chain & Supply Chain Attacks Cyber Security News Security Boulevard
Establishing trust in your software supply chain with an SBOM
Establishing trust in your software supply chain with an SBOM A software Bill of Materials or SBOM provides transparency into an organization’s software, protecting it from...
BSidesTLV 2022 – Keren Elazari’s ‘Closing Remarks’
BSidesTLV 2022 – Keren Elazari’s ‘Closing Remarks’Our thanks to BSidesTLV for publishing their outstanding conference videos on the organization's YouTube channel. Permalink The post BSidesTLV 2022...
Smart Cities Need to Keep Cybersecurity in Mind – Techstrong TV
Smart Cities Need to Keep Cybersecurity in Mind – Techstrong TV Karen, Senior Cybersecurity Strategist at VMware, and Charlene discuss smart city cybersecurity—why security is not...
3 Truths about the State of CRQ
3 Truths about the State of CRQI had an exciting time attending Blackhat 2022 in Last Vegas. Blackhat is great each year, but this year was...
Video: 5 P’s to Start Quantitative Risk Management – No 2 People
Video: 5 P’s to Start Quantitative Risk Management – No 2 People At RiskLens, we call our playbook for launching a cyber risk quantification (CRQ) program...
0ktapus/‘Scatter Swine’ Hacking Gang Stole 10,000 Corp Logins via Twilio
0ktapus/‘Scatter Swine’ Hacking Gang Stole 10,000 Corp Logins via Twilio More on the Twilio débâcle from earlier this month: Researchers reveal the hackers swiped at least 9,931...
Why Do You Need a WAF For Your Websites?
Why Do You Need a WAF For Your Websites?Businesses have to worry about different kinds of cyberattacks, many of which could bring down their websites, wipe...
Qualys Discovers Two Major Vulnerabilities – Techstrong TV
Qualys Discovers Two Major Vulnerabilities – Techstrong TV Bharat Jogi, Director of Security and Threat Research at Qualys, discusses the discovery of two recent vulnerabilities, the...
JavaScript bugs aplenty in Node.js ecosystem – found automatically
JavaScript bugs aplenty in Node.js ecosystem – found automaticallyHow to get the better of bugs in all the possible packages in your supply chain?Leer másNaked SecurityHow...
Hands-on Review: Stellar Cyber Security Operations Platform for MSSPs
Hands-on Review: Stellar Cyber Security Operations Platform for MSSPsAs threat complexity increases and the boundaries of an organization have all but disappeared, security teams are more...
Hackers Use ModernLoader to Infect Systems with Stealers and Cryptominers
Hackers Use ModernLoader to Infect Systems with Stealers and CryptominersAs many as three disparate but related campaigns between March and Jun 2022 have been found to...
Importance of being agile & the necessary ingredients
Importance of being agile & the necessary ingredientsFraud represents an asymmetric challenge. A fast reaction time plays an important role in minimizing the attacker’s advantage and...
0 - CT 0 - CT - Cybersecurity Architecture - Mobile & 5G Security Cyber Security News Security Boulevard
What is mobile security?
What is mobile security?The use of smartphones has surged, but the users’ knowledge regarding the security of mobile devices has not kept pace with this uptick....
Automatic Restoration of Corrupted UPX-packed Samples
Automatic Restoration of Corrupted UPX-packed SamplesIn this blog, we share a tool (available on Git Hub) that can automatically fix various types of tampered UPX-packed files...
Pondurance Innovations and Integrations for Cloud Security
Pondurance Innovations and Integrations for Cloud SecurityCloud computing has created the biggest tectonic shift in IT this century. It has reshaped and optimized the process of...
Educational institutions and students on hacker’s radar
Educational institutions and students on hacker’s radarOver the last two months, hackers have stepped up attacks on academic institutions and students thereby opening a new frontier...
Consistent Authentication and Device Posture policies for SaaS
Consistent Authentication and Device Posture policies for SaaSThe adoption of SaaS (Software as a Service) started as far back as the 1960s, but picked up steam...
New Golang-based ‘Agenda Ransomware’ Can Be Customized For Each Victim
New Golang-based 'Agenda Ransomware' Can Be Customized For Each VictimA new ransomware strain written in Golang dubbed "Agenda" has been spotted in the wild, targeting healthcare...
FBI Warns Investors to Take Precautions with Decentralized Financial Platforms
FBI Warns Investors to Take Precautions with Decentralized Financial PlatformsThe U.S. Federal Bureau of Investigation (FBI) on Monday warned of cyber criminals increasingly exploiting flaws in...
FTC Sues Data Broker Over Selling Location Data for Hundreds of Millions of Phones
FTC Sues Data Broker Over Selling Location Data for Hundreds of Millions of PhonesThe U.S. Federal Trade Commission (FTC) on Monday said it filed a lawsuit...
The Emergence Of BYOD: Are Personal Devices Acceptable?
The Emergence Of BYOD: Are Personal Devices Acceptable?To bring or not to ‘bring your own device’ to work, that is the question! During COVID-19, when organizations...