Economic headwinds could deepen the cybersecurity skills shortageAccording to the most recent research report from ESG and the Information System Security Association International (ISSA), 57% of organizations...
Month: January 2023
Raspberry Robin Malware Detection: Enhanced Worm-Like Version Attacking European Financial Institutions
Raspberry Robin Malware Detection: Enhanced Worm-Like Version Attacking European Financial Institutions No matter the holiday season, adversaries have no vacation inventing new malicious tricks to target...
How To Reduce Rising Cyber Insurance Costs When You Have a Remote Workforce
How To Reduce Rising Cyber Insurance Costs When You Have a Remote WorkforceBy Raul Popa, CEO & Co-Founder, TypingDNA Like other types of insurance, Cybersecurity Insurance...
Titan Stealer: A New Golang-Based Information Stealer Malware Emerges
Titan Stealer: A New Golang-Based Information Stealer Malware EmergesA new Golang-based information stealer malware dubbed Titan Stealer is being advertised by threat actors through their Telegram channel. "The...
Gee, tanks: Russian hackers DDoS Germany for aiding Ukraine
Gee, tanks: Russian hackers DDoS Germany for aiding UkraineAlso: a week of leaks; Riot Games says 'LoL' to source code ransom demands; and Yandex source also...
40 Windows CMD Commands that Will Make You Feel Like a Real Hacker
40 Windows CMD Commands that Will Make You Feel Like a Real HackerWindows’ celebrated CLI (i.e., Command-Line Interpreter) is, without a doubt, a treasure trove of...
Mobile App APIs Are Crucial to Businesses – But Are Under-Protected
Mobile App APIs Are Crucial to Businesses – But Are Under-ProtectedThe State of Mobile Security in 2022” Underscores Both the Importance of Mobile Apps and the...
We are the weakest link
We are the weakest linkMitigating the risks of human error in digital defenses Webinar It's a startling truth but 45 percent of workers in the US...
How to survive below the cybersecurity poverty line
How to survive below the cybersecurity poverty lineThe security poverty line broadly defines a divide between the organizations that have the means and resources to achieve...
Identity Reveal: Threat Actor Behind Golden Chicken Malware Service Exposed
Identity Reveal: Threat Actor Behind Golden Chicken Malware Service ExposedResearchers have identified the real-world identity of the threat actor behind Golden Chickens Malware-as-a-Service (MaaS), known as...
SOC Prime Threat Bounty — December 2022 Results
SOC Prime Threat Bounty — December 2022 Results December ‘22 Publications During the last month of the year 2022, Threat Bounty developers managed to submit 441...
Infrastructure-as-Code Security: a Critical Responsibility
Infrastructure-as-Code Security: a Critical ResponsibilityBy Thomas Segura, Technical Content Writer, GitGuardian By large, software is still in its adolescence compared to other large-scale industries. Although its...
CVE-2022-42475 Detection: Zero-Day Vulnerability in FortiOS SSL-VPN Exploited in Attacks Against Government Entities and Large Organizations
CVE-2022-42475 Detection: Zero-Day Vulnerability in FortiOS SSL-VPN Exploited in Attacks Against Government Entities and Large Organizations Stay alert! Security researchers are warning the global cyber defender...
Driving Business Growth in Turbulent Times from CISO’s Perspective: Part I
Driving Business Growth in Turbulent Times from CISO’s Perspective: Part I Insights into How SOC Prime Achieved 100% YoY Growth While Withstanding the Challenges of War...
SwiftSlicer New Data-Wiping Malware Attacks Windows Operating Systems
SwiftSlicer New Data-Wiping Malware Attacks Windows Operating SystemsResearchers discovered a new attack on a Ukrainian target performed by Russian threat actors that used a new wiper...
Abusing a GitHub Codespaces Feature For Malware Delivery
Abusing a GitHub Codespaces Feature For Malware DeliveryProof of Concept (POC): We investigate one of the GitHub Codespaces’ real-time code development and collaboration features that attackers...
Sandworm APT group hit Ukrainian news agency with five data wipers
Sandworm APT group hit Ukrainian news agency with five data wipersThe Ukrainian (CERT-UA) discovered five different wipers deployed on the network of the country’s national news...
Rhadamanthys Malware Detection: New Infostealer Spread via Google Ads & Spam Emails to Target Crypto Wallets and Dump Sensitive Information
Rhadamanthys Malware Detection: New Infostealer Spread via Google Ads & Spam Emails to Target Crypto Wallets and Dump Sensitive Information Security experts have shed light on...
Remote Workers Face Growing Threats from Phishing Attacks
Remote Workers Face Growing Threats from Phishing AttacksAnalysis Shows Phishing Strikes Up 61% Over 2021, With a 50% Increase on Mobile Devices By Patrick Harr, CEO,...
Detect CVE-2022-47966 Exploits: Critical Zoho ManageEngine RCE Vulnerability Under Active Exploitation
Detect CVE-2022-47966 Exploits: Critical Zoho ManageEngine RCE Vulnerability Under Active Exploitation Another day, another critical RCE making rounds in the cyberthreat arena. This time security practitioners are...
After data breach put their lives at risk, US releases 3000 immigrants seeking asylum
After data breach put their lives at risk, US releases 3000 immigrants seeking asylumImagine you're an immigrant, who has fled your home country for the United...
New Mimic Ransomware Uses Windows Search Engine to Find and Encrypt Files
New Mimic Ransomware Uses Windows Search Engine to Find and Encrypt FilesCybersecurity researchers uncovered a new strain of ransomware named Mimic. Mimic uses Everything API, a...
CVE-2023-24055 Detection: Notorious Vulnerability in KeePass Potentially Exposing Cleartext Passwords
CVE-2023-24055 Detection: Notorious Vulnerability in KeePass Potentially Exposing Cleartext Passwords Stay alert! Security researchers have discovered a notorious vulnerability posing a serious threat to users of...
Smashing Security podcast #306: No Fly lists, cell phones, and the end of ransomware riches?
Smashing Security podcast #306: No Fly lists, cell phones, and the end of ransomware riches?What are prisoners getting up to with mobile phones? Why might ransomware...
ShinyHunters suspect extradited to United States from Morocco, could face 116 years in jail if convicted
ShinyHunters suspect extradited to United States from Morocco, could face 116 years in jail if convictedA 22-year-old suspected of being "Seyzo", a member of the ShinyHunters...
Driving Business Growth in Turbulent Times from CISO’s Perspective: Part II
Driving Business Growth in Turbulent Times from CISO’s Perspective: Part II Dive Into our Hubs Initiative as an Alternative to Remote Work Strategy: What’s Behind the...
Managing Cybersecurity for Critical National Infrastructure
Managing Cybersecurity for Critical National InfrastructureGeneral guidelines and realities of managing a cybersecurity program for critical national infrastructure By Juan Vargas, Cybersecurity and Engineering Consultant, Artech,...
A Guide to Phishing Attacks
A Guide to Phishing AttacksThis is a good list of modern phishing techniques. Leer másSchneier on SecurityThis is a good list of modern phishing techniques.
Hive ransomware leak site and decryption keys seized in police sting
Hive ransomware leak site and decryption keys seized in police stingWebsites used by the Hive ransomware-as-a-service gang to extort ransoms and leak data stolen from corporate...
Kevin Mitnick Hacked California Law in 1983
Kevin Mitnick Hacked California Law in 1983Early in his career, Kevin Mitnick successfully hacked California law. He told me the story when he heard about my...