Security News > 2023 > March

Google has announced the general availability of client-side encryption for Gmail and Calendar, months after piloting the feature in late 2022. The data privacy controls enable "Even more organizations to become arbiters of their own data and the sole party deciding who has access to it," Google's Ganesh Chilakapati and Andy Wen said.

Cybercriminals are disguising the PlugX remote access trojan as a legitimate open-source Windows debugging tool to evade detection and compromise systems. In a recent case detailed by Trend Micro, miscreants used a PlugX variant to hijack the popular x64dbg debugging tool to go undetected.

Developers care about the quality and security of their code, and when empowered to help, developers make great security advocates who can help harden your supply chain security while reducing the burden on DevOps and security teams. Introducing security tools that allow developers to own code security within their existing development process can increase early risk identification and simplify the process of mitigating risks, slowing the growth of vulnerability backlogs.

Cryptocurrency companies are being targeted as part of a new campaign that delivers a remote access trojan called Parallax RAT. The malware "Uses injection techniques to hide within legitimate processes, making it difficult to detect," Uptycs said in a new report. Parallax RAT grants attackers remote access to victim machines.

Among these tools, Burp Suite stands out as one of the most popular and widely used options among security professionals and enthusiasts alike. Here's a collection of Burp Suite extensions to make it even better.

In this Help Net Security video, Frank Catucci, CTO, and Dan Murphy, Distinguished Architect at Invicti Security, break down the different types of application security testing tools, explore the...

Global malware volume increased 2% year-over-year, but it was jumps in IoT malware and cryptojacking that offset the decline of overall global ransomware volume, signifying a strategic shift. Threat actors have embraced slower and more stealthy approaches to achieve financially-motivated cyberattacks.

"The vast majority of successful breaches in the past year were the result of account takeover. This research illustrates just how easy enterprises are making it for attackers to target their identities and launch successful ATO attacks," says Oort CEO, Matt Caulfield. The lack of strong MFA adoption has implications not only for potential account takeover attacks, but also regulatory compliance, citing several compliance frameworks that have requirements for MFA. The report unveils the most commonly targeted accounts are either dormant or those that belong to executives and administrators.

The platform provides real, actionable intelligence to support various security teams across an organization in their efforts to uncover threats and proactively prevent digital crimes. SecuriThings Managed Service Platform secures physical security devices.

Your technology is always changing, and you often play catchup to secure it. This isn't easy in the cloud when you share security responsibility with the cloud service providers.