Security News > 2023 > March

A new phishing campaign has set its sights on European entities to distribute Remcos RAT and Formbook via a malware loader dubbed DBatLoader. "The malware payload is distributed through WordPress websites that have authorized SSL certificates, which is a common tactic used by threat actors to evade detection engines," Zscaler researchers Meghraj Nandanwar and Satyam Singh said in a report published Monday.

With the increased public interest in ChatGPT, the Europol Innovation Lab took the matter seriously and conducted a series of workshops involving subject matter experts from various departments of Europol. These workshops aimed to investigate potential ways in which large language models like ChatGPT can be exploited by criminals and how they can be utilized to aid investigators in their day-to-day tasks.

Become your organization's cybersecurity expert with this $79 bundle The training covers CISSP, CASP+, CISM, and more. With a rise in cybercrime, cybersecurity is an essential focus for businesses in every industry these days.

U.S. President Joe Biden on Monday signed an executive order that restricts the use of commercial spyware by federal government agencies. The order said the spyware ecosystem "Poses significant counterintelligence or security risks to the United States Government or significant risks of improper use by a foreign government or foreign person."

To prevent bad actors exploiting vulnerabilities, you must take action to reduce or eliminate security risks. Software teams must prioritize incoming security patches to close security holes as soon as possible.

In this Help Net Security video, Matt Spitz, Head of Engineering at Vanta, talks about pragmatic security and illustrates what a small company with limited resources needs to do to lay the...

Apple on Monday backported fixes for an actively exploited security flaw to older iPhone and iPad models. The issue, tracked as CVE-2023-23529, concerns a type confusion bug in the WebKit browser engine that could lead to arbitrary code execution.

As one of the leading experts in product security with over 15 years of experience in security engineering and 120 cybersecurity patents under his belt, Adam Boulton is one of the most experienced software security professionals in the industry. Currently the SVP of Security Technology and Innovation at Cybellum, the Left to Our Own Devices podcast invited Adam Boulton to share his experience and his tips on building a product security strategy.

58% of SMBs have experienced high-impact shadow IT efforts outside the purview of their official IT department, according to Capterra. Half of SMBs say shadow IT teams are most commonly formed because there's a lack of understanding among employees about the process for acquiring new technology.

US president Joe Biden on Monday issued an Executive Order on Prohibition on Use by the United States Government of Commercial Spyware that Poses Risks to National Security - a title that is not quite as simple it seems. The Order and explanatory statement point out that commercial spyware has been used by authoritarian regimes to target activists and journalists, has been deployed without proper authority in democracies, and poses a security risk to the US and other nations.