Security News

A new ongoing malware campaign has been observed distributing three different stealers, such as CryptBot, LummaC2, and Rhadamanthys hosted on Content Delivery Network (CDN) cache domains since at...

This brings us on to our third point, which is that we should not be looking to harness GenAI for security awareness training. GenAI promises to transform security training for the better.

Social engineering has also increased, now representing 19% of phishing attacks and phishing emails are over three times longer than they were in 2021, likely due to the increase in use of generative AI. On the other hand, the use of attachment-based payloads has decreased since 2021; three years ago, these accounted for 72.7% of attacks detected by Egress, and by the first quarter of 2024, this had fallen to 35.7% as threat actors evolve their payloads to evade cybersecurity efforts. Generative AI is also expected to increase attack success rate, including creating payloads such as malware, phishing websites and invoices for wire fraud attacks as cybercriminals look to streamline their processes and deliver more efficient campaigns at even swifter pace.

As a Cyber Security Incident Response Specialist, you will be responsible for the operational IT security of PHOENIX Corporate IT, information security event management and incident response, threat hunting and coordination of mitigation measures. As Information Security Specialist, you will assist in developing information security policies, procedures and necessary documents in compliance with applicable standards and regulations, conduct phishing and social engineering test campaigns, measure key performance indicators to ensure the effectiveness of information security controls.

As organizations navigate the complexities of hybrid work arrangements and the gradual return to the office, the cybersecurity threat landscape has become increasingly challenging, with issues such as the proliferation of personal devices, the expansion of remote access points, and the potential for security gaps between in-office and remote environments. Issues such as the proliferation of personal devices, the expansion of remote access points, and the potential for security gaps between in-office and remote environments have compounded these challenges.

Demonstrating a sound understanding of cloud security key principles and practices opens various professional opportunities. But first, you need the right mix of technical and soft skills to...

Microsoft has rolled back a fix for a known Outlook issue that was causing incorrect security alerts when opening ICS calendar files after installing the December Outlook Desktop security updates. Affected Microsoft 365 users are seeing unexpected warnings that "Microsoft Office has identified a potential security concern" and that "This location may be unsafe" when double-clicking ICS files saved on their devices.

A threat actor has been using a content delivery network cache to store information-stealing malware in an ongoing campaign targeting systems U.S., the U.K., Germany, and Japan. Cisco Talos assesses with moderate confidence that the campaign is a CoralRaider operation, based on similarities in tactics, techniques, and procedures with past attacks attributed to the threat actor.

Microsoft has released hotfix updates to address multiple known issues impacting Exchange servers after installing the March 2024 security updates.Although the April 2024 HU is optional, it also adds support for ECC certificates and Hybrid Modern Authentication for OWA/ECP. If you have installed the March 2024 SU and have not experienced any known issues fixed in the optional update and do not need the new features, you can wait for the next Exchange Server SU, which will also include these hotfixes.

The Treasury Department's Office of Foreign Assets Control has sanctioned four Iranian nationals for their involvement in cyberattacks against the U.S. government, defense contractors, and private companies. Entities at least 50% owned by blocked persons are also subject to freeze, and transactions involving their assets are prohibited without OFAC authorization, while financial institutions and other organizations dealing with sanctioned individuals and companies also risk exposure to sanctions or enforcement actions.