Security News

Understanding next-level cyber threats
2024-04-17 03:30

In this Help Net Security video, Trevor Hilligoss, VP of SpyCloud Labs, discusses the 2024 SpyCloud Identity Exposure Report, an annual report examining the latest trends in cybercrime and its impact. Researchers recaptured nearly 1.38 billion passwords circulating the darknet in 2023, an 81.5% year-over-year increase from 759 million in 2022.

Identity in the Shadows: Shedding Light on Cybersecurity's Unseen Threats
2024-04-16 11:10

In today's rapidly evolving digital landscape, organizations face an increasingly complex array of cybersecurity threats. The proliferation of cloud services and remote work arrangements has...

Exposing the top cloud security threats
2024-04-15 04:00

Many companies consider AI-powered threats to be the top cloud security threat to their business. Concerningly, less than half are confident in their ability to tackle those threats, according to a recent Aqua Security survey.

The next wave of mobile threats
2024-04-12 04:00

According to McAfee, apps, whether for communication, productivity, or gaming, are among the biggest threats to mobile security. Technavio expects the global mobile security software market to grow by $2.75 billion between 2020 and 2025, expanding at a CAGR of 9.68%. In this Help Net Security video, Michael Covington, VP of Portfolio Strategy at Jamf, discusses planning a mobile security strategy.

GSMA releases Mobile Threat Intelligence Framework
2024-04-10 03:00

GSM Association's Fraud and Security Group has published the first version of a framework for describing, in a structured way, how adversaries attack and use mobile networks, based on the tactics, techniques and procedures that they use.The Mobile Threat Intelligence Framework is focused on mobile network-related attacks that are not already covered by existing public frameworks like MITRE ATT&CK and MITRE FiGHT. In scope are 2G, 3G, 4G, 5G, including all kind of telecommunication service enablers and future mobile technology evolutions.

UK businesses shockingly unaware of how to handle security threats
2024-04-09 12:41

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

XZ Utils Supply Chain Attack: A Threat Actor Spent Two Years to Implement a Linux Backdoor
2024-04-08 18:47

A threat actor quietly spent the last two years integrating themself in the core team of maintainers of XZ Utils, a free software command-line data compressor widely used in Linux systems. The CVE-2024-3094 backdoor found in XZ Utils was implemented to interfere with authentication in SSHD, the OpenSSH server software that handles SSH connections.

Building a Cyber Threat Hunting Team: Methods, Strategies and Technologies
2024-04-08 16:00

Cyber threat hunting combines strategies, advanced technologies and skilled analysts to methodically examine networks, endpoints and data repositories. Its objective is to uncover stealthy malicious activities, reduce dwell time for undetected threats and bolster an organization's capability to withstand multi-vector attacks.

Threat actors are raising the bar for cyber attacks
2024-04-08 03:00

From sophisticated nation-state-sponsored intrusions to opportunistic malware campaigns, cyber attacks manifest in various forms, targeting vulnerabilities in networks, applications, and user behavior. The consequences of successful cyber attacks can be severe, ranging from financial losses and reputational damage to potential legal ramifications.

Asia-Pacific Ransomware Threats Depend on Country and Sector, Says Rapid7
2024-04-04 15:06

New research from cyber security firm Rapid7 has shown the ransomware attacks that IT and security professionals are up against in APAC are far from uniform, and they would be better off tapping intelligence that sheds light on attack trends in their specific jurisdiction or sector. How ransomware threats in Asia-Pacific differ by jurisdiction and sector.