Ever since we started working on our own operating system, weve encountered numerous myths that significantly hinder the adoption of new technologies. Fortunately, its not so difficult to provide compelling evidence that these myths are just that: myths. In this post, we address some of the most common misconceptions. show more ...
Dozens of countries commit to collaborate on artificial intelligence cybersecurity, fittingly at the British home of the WWII codebreakers.
The solution? Follow in the footsteps of companies that have raised the cost of exploitation.
It's unknown who the threat actors are and whether the outages are connected.
Nearly 1.5 million people work in cybersecurity in North America, but even with a growing gap in skilled specialists, they bear a higher chance of hiring freezes and layoffs.
Christopher Wray tells the US Senate that more US infrastructure will be targeted for cyberattacks in the wake of the Gaza conflict.
Atlassian CISO warns Confluence Data Center and Server customers they're vulnerable to "significant data loss" if all on-premises versions aren't patched.
Detection and incident response in a cloud environment can be a new challenge for security professionals who build their expertise before the cloud, and requires coordination between your organization’s internal teams and your cloud security provider’s security apparatus.
The CTO of MacPaw provides a case study in planning for cybersecurity and uptime in the face of armed conflict.
The CTO of MacPaw provides a case study in planning for cybersecurity and uptime in the face of armed conflict.
The future of the cybersecurity workforce will rely less on long-led legacy education models and more on skills-now training.
The use of the Forked IcedID variant, which removes banking functionality and focuses on payload delivery, highlights a shift in malware tactics toward prioritizing ransomware delivery.
The .US domain has been plagued by phishing activity and illicit content, with thousands of malicious link shortener domains registered, despite regulations aimed at verifying the identity and location of registrants.
The acquisition will integrate Dig's capabilities into Palo Alto's Prisma Cloud platform. Financial details were not disclosed, but reports suggest the deal is valued at $400 million.
The latest variant of Kazuar features significant improvements in code structure and functionality, including comprehensive system profiling, credential theft, an extended set of commands, and enhanced task automation.
The rise of hardware- and firmware-related attacks and supply chain threats has fundamentally changed the cybersecurity landscape, requiring a deeper understanding of these areas in the context of the MITRE ATT&CK framework.
The campaign, which targets high-profile organizations in the Middle East, has been using the LIONTAIL malware framework installed on Windows servers. LIONTAIL uses Windows HTTP stack driver HTTP.sys to load memory-resident payloads.
Ace Hardware is currently experiencing a cyberattack that has disrupted its IT systems. While in-store payment systems and credit card processing are unaffected, online services such as placing orders are currently unavailable.
EleKtra-Leak, an ongoing cryptojacking campaign, exploits exposed IAM credentials on GitHub to mine Monero. The attackers are said to have used each stolen credential within five minutes of its discovery. The payloads are delivered via a Google Drive URL, another widely used application, to evade detection. It is show more ...
Employee and consumer data continue to be the most affected categories in data breaches, leading to negative impacts such as lost revenue, customer trust, and employee turnover.
The targeted system, Mir, is a homegrown alternative to international payment brands and has seen increased usage in Russia following the country's invasion of Ukraine and the departure of international payment services.
Over one-third of companies lack a comprehensive ransomware strategy, highlighting the need for a holistic approach that prioritizes both prevention and recovery, according to a survey by Zerto.
Private torrent trackers like WiHD, known for their exclusivity, can still suffer from data breaches, highlighting the importance of robust security measures in protecting user data.
Recovery efforts should prioritize patching vulnerabilities, removing malicious artifacts, and strengthening protective and detective controls to enhance cyber resilience and reduce the risk of follow-up attacks.
F5 has issued a warning about active exploitation of a critical security flaw in its BIG-IP software. The vulnerability, known as CVE-2023-46747, allows attackers to execute arbitrary system commands.
The number of cyber breaches becoming public is increasing, with companies facing financial and reputational consequences and being more likely to pay ransoms for stolen data.
The attacks were likely DDoS attacks, disrupting websites but not impacting airport operations or flights. The UK's NCSC is investigating the attacks, while Gatwick Airport officials are also dealing with spoofed Twitter accounts in their name.
The Parallax RAT has seen a significant increase in usage, particularly through infected DLLs in seemingly legitimate invoices, making it harder for users to detect the attack.
The attackers impersonate blockchain engineers on Discord, using social engineering tactics to trick victims into downloading and executing a ZIP archive containing malicious code.
The United States and 48 other countries, along with the European Union and Interpol, are set to pledge this week that they will no longer pay ransoms as part of ransomware attacks.
The library is working with the UK's National Cyber Security Centre (NCSC) and cybersecurity specialists to investigate the incident, but the nature of the attack and how the systems were breached are still unknown.
The FBI Director Christopher Wray warned that cyberattacks against the US by Iran and non-state actors could escalate if the conflict intensifies. He stated that Iran has a history of targeting American interests and critical infrastructure.
The Kirkland, Washington-based security company raised $61 million in Series B funding. The round was led by Spark Capital, with participation from existing investors Sequoia Capital, Amplify Partners, The Chainsmoker's Mantis VC, and Banana Capital.
Out of the 15 vulnerabilities patched, 13 of which were reported by external researchers. Three of the bugs are rated as high severity, while the remaining ones are medium and low severity.
Graylog has raised $39 million in its Series C funding round co-led by Silver Lake Waterman, Piper Sandler Merchant Banking, and Harbert Growth Partners. It includes $9 million in equity and $30 million in a "flex debt" facility.
Microsoft's block on Visual Basic for Applications (VBA) macros has led attackers to experiment with different file types, with XLL files now being used as a means to distribute malware.
VMware Carbon Black's Threat Analysis Unit (TAU) has discovered numerous previously unknown vulnerable kernel drivers that could be exploited by hackers to modify firmware or gain elevated privileges.
Auto Blocker prevents the installation of risky apps downloaded from outside the official app stores to protect users from malware and spyware. It also blocks unauthorized commands and software installations via the USB port.
The Russia-linked hacking crew known as Turla has been observed using an updated version of a known second-stage backdoor referred to as Kazuar. The new findings come from Palo Alto Networks Unit 42, which is tracking the adversary under its constellation-themed moniker Pensive Ursa. "As the code of the upgraded revision of Kazuar reveals, the authors put special emphasis on Kazuar's ability to
F5 is warning of active abuse of a critical security flaw in BIG-IP less than a week after its public disclosure that could result in the execution of arbitrary system commands as part of an exploit chain. Tracked as CVE-2023-46747 (CVSS score: 9.8), the vulnerability allows an unauthenticated attacker with network access to the BIG-IP system through the management port to achieve code execution
State-sponsored threat actors from the Democratic People's Republic of Korea (DPRK) have been found targeting blockchain engineers of an unnamed crypto exchange platform via Discord with a novel macOS malware dubbed KANDYKORN. Elastic Security Labs said the activity, traced back to April 2023, exhibits overlaps with the infamous adversarial collective Lazarus Group, citing an analysis of the
The browser has become the main work interface in modern enterprises. It’s where employees create and interact with data, and how they access organizational and external SaaS and web apps. As a result, the browser is extensively targeted by adversaries. They seek to steal the data it stores and use it for malicious access to organizational SaaS apps or the hosting machine. Additionally,
A threat actor affiliated with Iran's Ministry of Intelligence and Security (MOIS) has been observed waging a sophisticated cyber espionage campaign targeting financial, government, military, and telecommunications sectors in the Middle East for at least a year. Israeli cybersecurity firm Check Point, which discovered the campaign alongside Sygnia, is tracking the actor under the name Scarred
A threat actor known as Prolific Puma has been maintaining a low profile and operating an underground link shortening service that's offered to other threat actors for at least over the past four years. Prolific Puma creates "domain names with an RDGA [registered domain generation algorithm] and use these domains to provide a link shortening service to other malicious actors, helping them evade
How ESET Research found a kill switch that had been used to take down one of the most prolific botnets out there
