Malware authors leverage more attack techniques that enable lateral movementA new study of over a half-million malware samples collected from various sources in 2022 revealed that...
Day: February 28, 2023
Gcore Thwarts Massive 650 Gbps DDoS Attack on Free Plan Client
Gcore Thwarts Massive 650 Gbps DDoS Attack on Free Plan ClientAt the beginning of January, Gcore faced an incident involving several L3/L4 DDoS attacks with a...
Threat Actors Adopt Havoc Framework for Post-Exploitation in Targeted Attacks
Threat Actors Adopt Havoc Framework for Post-Exploitation in Targeted AttacksAn open source command-and-control (C2) framework known as Havoc is being adopted by threat actors as an...
Hydrochasma: New Threat Actor Targets Shipping Companies and Medical Labs in Asia
Hydrochasma: New Threat Actor Targets Shipping Companies and Medical Labs in AsiaShipping companies and medical laboratories in Asia have been the subject of a suspected espionage...
3 Steps to Automate Your Third-Party Risk Management Program
3 Steps to Automate Your Third-Party Risk Management ProgramIf you Google "third-party data breaches" you will find many recent reports of data breaches that were either...
Attackers Flood NPM Repository with Over 15,000 Spam Packages Containing Phishing Links
Attackers Flood NPM Repository with Over 15,000 Spam Packages Containing Phishing LinksIn what's a continuing assault on the open source ecosystem, over 15,000 spam packages have flooded the...
Apple Warns of 3 New Vulnerabilities Affecting iPhone, iPad, and Mac Devices
Apple Warns of 3 New Vulnerabilities Affecting iPhone, iPad, and Mac DevicesApple has revised the security advisories it released last month to include three new vulnerabilities impacting iOS, iPadOS,...
Python Developers Warned of Trojanized PyPI Packages Mimicking Popular Libraries
Python Developers Warned of Trojanized PyPI Packages Mimicking Popular LibrariesCybersecurity researchers are warning of "imposter packages" mimicking popular libraries available on the Python Package Index (PyPI)...
New S1deload Malware Hijacking Users’ Social Media Accounts and Mining Cryptocurrency
New S1deload Malware Hijacking Users' Social Media Accounts and Mining CryptocurrencyAn active malware campaign has set its sights on Facebook and YouTube users by leveraging a...
Lazarus Group Likely Using New WinorDLL64 Backdoor to Exfiltrate Sensitive Data
Lazarus Group Likely Using New WinorDLL64 Backdoor to Exfiltrate Sensitive DataA new backdoor associated with a malware downloader named Wslink has been discovered, with the tool likely used...
New Hacking Cluster ‘Clasiopa’ Targeting Materials Research Organizations in Asia
New Hacking Cluster 'Clasiopa' Targeting Materials Research Organizations in AsiaMaterials research organizations in Asia have been targeted by a previously unknown threat actor using a distinct...
The Secret Vulnerability Finance Execs are Missing
The Secret Vulnerability Finance Execs are MissingThe (Other) Risk in Finance A few years ago, a Washington-based real estate developer received a document link from First...
Microsoft Patch Tuesday: 36 RCE bugs, 3 zero-days, 75 CVEs
Microsoft Patch Tuesday: 36 RCE bugs, 3 zero-days, 75 CVEsLots of lovely patches for your Valentine's Day delight. Get 'em as soon as you can...Leer másNaked...
S3 Ep122: Stop calling every breach “sophisticated”! [Audio + Text]
S3 Ep122: Stop calling every breach “sophisticated”! [Audio + Text]Latest episode - listen now! (Full transcript inside.)Leer másNaked SecurityLatest episode - listen now! (Full transcript inside.)
CrowdStrike Report Maps Changes to Cybersecurity Landscape
CrowdStrike Report Maps Changes to Cybersecurity Landscape A report published by CrowdStrike today highlighted how the cybersecurity threat landscape has shifted in the last year, with...
SlashNext Employs Generative AI to Combat Cybersecurity Threats
SlashNext Employs Generative AI to Combat Cybersecurity Threats SlashNext today launched a platform that makes use of generative artificial intelligence (AI) to thwart business email compromise...
Orca Security Adds Data Security Capabilities to Cloud Platform
Orca Security Adds Data Security Capabilities to Cloud Platform Orca Security today added a data security posture management (DSPM) capability to its cloud security platform as...
CSMA: What is Cybersecurity Mesh Architecture?
CSMA: What is Cybersecurity Mesh Architecture?Learn about the key components & benefits of Cybersecurity Mesh Architecture (CSMA). Enhance security and stay ahead of the game with...
System Hardening Best Practices
System Hardening Best Practices In a recent podcast interview with Hillarie McClure, Multimedia Director of Cybercrime Magazine, Robert E. Johnson III, Cimcor CEO/President, discusses system hardening...
Hackers Claim They Breached T-Mobile More Than 100 Times in 2022
Hackers Claim They Breached T-Mobile More Than 100 Times in 2022Three different cybercriminal groups claimed access to internal networks at communications giant T-Mobile in more than...
Despite Cybersecurity Investments, Breaches Increasing
Despite Cybersecurity Investments, Breaches Increasing A survey of 300 CIOs, CISOs and security executives from enterprises in Europe and the U.S. that have more than 1,000...
How one trillion events power the Sift global data network
How one trillion events power the Sift global data networkThe Sift global data network now processes more than one trillion events per year, providing customers with...
If it’s AI, it’s probably written in PowerPoint…
If it’s AI, it’s probably written in PowerPoint…At MixMode, we will look you in the eye when we explain that we know the marketplace is crowded...
An API Security Testing Checklist… with a twist
An API Security Testing Checklist… with a twistLearn how to look more offensively at API security testing and apply the concept of common attack pattern enumeration...
Evolving cyberattacks, alert fatigue creating DFIR burnout, regulatory risk
Evolving cyberattacks, alert fatigue creating DFIR burnout, regulatory riskThe evolution of cybercrime is weighing heavily on digital forensics and incident response (DFIR) teams, leading to significant...
London Honeypots Attacked 2000 Times Per Minute
London Honeypots Attacked 2000 Times Per MinuteInsurer records 91 million attacks in total in JanuaryRead MoreInsurer records 91 million attacks in total in January
Experts Spot Half a Million Novel Malware Variants in 2022
Experts Spot Half a Million Novel Malware Variants in 2022Overall malware detections also rise after three years of declineRead MoreOverall malware detections also rise after three...
Phone Attacks and MFA Bypass Drive Phishing in 2022
Phone Attacks and MFA Bypass Drive Phishing in 2022Proofpoint reveals surge in direct financial losses from attacksRead MoreProofpoint reveals surge in direct financial losses from attacks
Ransomware Attack Hits US Marshals Service
Ransomware Attack Hits US Marshals ServiceDrew Wade, chief of the Marshals Service public affairs office, made the announcement on MondayRead MoreDrew Wade, chief of the Marshals...
LastPass Data Stolen in August 2022 Breach Used For December Attack
LastPass Data Stolen in August 2022 Breach Used For December AttackThreat actors obtained credentials and keys later used to access and decrypt some storage volumesRead MoreThreat...