Security News > 2024 > March

Cybersecurity researchers have discovered an updated variant of a stealer and malware loader called BunnyLoader that modularizes its various functions as well as allow it to evade detection....

Users of the social media platform X have often been left puzzled when they click on a post with an external link but arrive at an entirely unexpected website from the one displayed in the post. Don't trust link previews on X. Security researcher Will Dormann spotted a Twitter post with a link to "Forbes.com."

The Cyber Police of Ukraine has arrested three individuals on suspicion of hijacking more than 100 million emails and Instagram accounts from users across the world. The suspects, aged between 20...

The U.S. Environmental Protection Agency (EPA) said it's forming a new "Water Sector Cybersecurity Task Force" to devise methods to counter the threats faced by the water sector in the country....

To effectively safeguard these new environments, cybersecurity teams need to understand the shifting nuances of red teaming in the context of AI. Understanding what's changed with AI is an essential starting point to guide red teaming efforts in the years ahead. Why AI flips the red teaming script. Because the abilities of these models increase over time, cyber teams are no longer red teaming a static model.

While organizations are investing in ​Data Loss Prevention solutions​, Proofpoint's report shows ​that those investments are often inadequate, with 85% of surveyed organizations experiencing data loss in the past year. "Careless, compromised, and malicious users are and will continue to be responsible for the vast majority of incidents, all while GenAI ​tools are​ absorbing common tasks-and ​gaining access to ​confidential data ​in the process​. Organizations need to rethink their ​DLP​ strategies to address the underlying cause of data loss-people's actions-so they can detect, investigate, and respond to threats across ​all ​channels​ their employees are using​ including cloud, endpoint, email, and web."

Even with the best-of-the-best tools and tech stack monitoring vulnerabilities, every security executive and GRC leader should still have some layer of paranoia. In this Help Net Security video, Shrav Mehta, CEO at Secureframe, talks about security best practices for GRC teams, highlights areas that security learners should pay close attention to, and discusses how security leaders can automate specific processes.

Commerce is the most attacked vertical with 44% of API attacks, followed by business services at nearly 32%. APIs are vital to most organizations because they improve both employee and customer experiences. Cybercriminals have leveraged this digital innovation and the rapid expansion of the API economy to create new opportunities for exploitation.

As the GCC cybersecurity industry continues to grow-F&S estimates it will triple in value by 2030 to reach $13.4 billion-countries in the region continue to reduce their dependence on oil exports and opt for digital tools and technologies instead. Middle East braces for escalating cyber threats. In the UAE and Saudi Arabia, specifically, technology adoption has increased across the finance, healthcare, and manufacturing sectors, further boosting the need for cybersecurity and robust regulatory frameworks.

An Australian IT contractor has been sentenced to 30 months jail for ripping off the National Maritime Museum. The nonprofit museum celebrates Australia's maritime heritage - a matter of some import for the island nation, which therefore attracts government funding.