Security News

Employees at US-based organizations are being targeted with emails delivering NetSupport RAT malware via "Nuanced" exploitation and by using an advanced detection evasion method. The phishing emails prompts recipients to download an attached Office Word file to view their "Monthly salary report".

In light of the rise of "DDoS hacktivism" and the recent DDoS attacks aimed at disrupting French and Alabama government websites, the Cybersecurity and Infrastructure Security Agency has updated its guidance of how governmental entities should respond to this type of attacks. "The main advantage of a DDoS attack over a DoS attack is the ability to generate a significantly higher volume of traffic, overwhelming the target system's resources to a greater extent," the agency says.

A China-linked threat cluster leveraged security flaws in Connectwise ScreenConnect and F5 BIG-IP software to deliver custom malware capable of delivering additional backdoors on compromised Linux...

The ThreatLocker® Zero Trust Endpoint Protection Platform implements a strict deny-by-default, allow-by-exception security posture to give organizations the ability to set policy-based controls...

A massive malware campaign dubbed Sign1 has compromised over 39,000 WordPress sites in the last six months, using malicious JavaScript injections to redirect users to scam sites. The most recent...

It's $2M less than in 2022, but it's still a lot. The highest reward for a vulnerability report in 2023 was $113,337, while the total tally since the program's launch in 2010 has reached $59 million.

Financially motivated hackers have been leveraging SmokeLoader malware in a series of phishing campaigns predominantly targeting Ukrainian government and administration organizations. The Ukrainian SSSCIP State Cyber Protection Center, together with the Palo Alto Networks Unit 42 research team, have been tracking a massive phishing campaign linked to the distribution of the SmokeLoader malware.

The U.S. Department of Justice (DoJ), along with 16 other state and district attorneys general, on Thursday accused Apple of illegally maintaining a monopoly over smartphones, thereby undermining,...

Similarly to shadow IT, shadow AI refers to all the AI-enabled products and platforms being used within your organization that those departments don't know about. Establishing a risk matrix for AI use within your organization and defining how it will be used will allow you to have productive conversations around AI usage for the entire business.

The use of hybrid multicloud models is forecasted to double over the next one to three years as IT decision makers are facing new pressures to modernize IT infrastructures because of drivers like AI, security, and sustainability, according to Nutanix. "Whether it be because of AI, sustainability, or security imperatives, IT organizations are facing ever-increasing pressure to modernize their IT infrastructure quickly," said Lee Caswell, SVP, Product and Solutions Marketing at Nutanix.