Security News
A novel phishing kit has been observed impersonating the login pages of well-known cryptocurrency services as part of an attack cluster designed to primarily target mobile devices. “This kit...
The UK's Information Commissioner's Office has put the West Midlands Police on the naughty step after the force was found to have repeatedly mixed up two people's personal data for years. Britain's data watchdog says the force "Incorrectly linked and merged the records" of the individuals that share the same name and date of birth on multiple occasions during 2000, 2021 and 2022.
The CSF 2.0, which supports implementation of the National Cybersecurity Strategy, has an expanded scope that goes beyond protecting critical infrastructure, such as hospitals and power plants, to all organizations in any sector. The CSF's governance component emphasizes that cybersecurity is a major source of enterprise risk that senior leaders should consider alongside others such as finance and reputation.
More than a decade ago, the concept of the ‘blameless’ postmortem changed how tech companies recognize failures at scale. John Allspaw, who coined the term during his tenure at Etsy, argued...
Cybersecurity researchers have discovered a new Linux variant of a remote access trojan (RAT) called BIFROSE (aka Bifrost) that uses a deceptive domain mimicking VMware. "This latest version of...
Webinar Dealing with cyber security incidents is an expensive business. Each data breach costs an estimated $4.35 million on average and it's not as if the volume of cyber attacks is falling - last year, they rose by 38 percent according to Google Cloud.
Group-IB found these compromised credentials within the logs of information-stealing malware traded on illicit dark web marketplaces. Throughout the reporting period, Group-IB experts uncovered 27 new advertisements for ransomware-as-a-service programs on dark web forums, including well known groups such as Qilin, as well as other collectives that have yet to be seen in the wild.
The Five Eyes (FVEY) intelligence alliance has issued a new cybersecurity advisory warning of cyber threat actors exploiting known security flaws in Ivanti Connect Secure and Ivanti Policy Secure...
In this Help Net Security interview, Geoffrey Mattson, CEO of Xage Security, discusses the evolution of the Joint Cyber Defense Collaborative since its 2021 inception and tackles its 2024 strategic priorities in response to escalating cyber threats. For 2024, the prevailing theme across its current priorities is cyber hardening and bracing for impact.
Eficode research indicates that 96% of developers use AI tools, with most coders bypassing security policies to use them. With no standardized AI tool regulations, researchers advocate for stronger governance frameworks and AI security policies in organizations' DevOps strategies to encompass the challenges and opportunities AI presents.