Security News
Learn about critical threats that can impact your organization and the bad actors behind them from Cybersixgill’s threat experts. Each story shines a light on underground activities, the threat...
Multiple threat actors, including cyber espionage groups, are employing an open-source Android remote administration tool called Rafel RAT to meet their operational objectives by masquerading it...
The European car rental company immediately launched an investigation, only to discover that the data being sold was completely doctored, possibly using generative AI. Why fake a data breach? Announcing a fake data breach can spark fear, panic and loss of public confidence, causing stock prices to drop; in this way, cybercriminals can manipulate the market for financial gain.
CDK Global has cautioned customers about unscrupulous actors calling them and posing as CDK agents or affiliates to gain unauthorized systems access. Just as the company was recovering from the ongoing cyberattack, it experienced a second cyberattack on Wednesday, June 19th. As a result of multiple attacks, CDK is acting out of caution and has stated that its "Customer Care channels for support remain unavailable as a precautionary measure to maintain security."
Chinese-speaking users are the target of a never-before-seen threat activity cluster codenamed Void Arachne that employs malicious Windows Installer (MSI) files for virtual private networks (VPNs)...
Managing cybersecurity for any organization is no easy feat. Improving cybersecurity maturity is often even more difficult, and the eye-watering costs of cybersecurity products and solutions make it more challenging still.
SELKS is a free, open-source, turnkey solution for Suricata-based network intrusion detection and protection, network security monitoring, and threat hunting. Since all the data in SELKS is generated by the Suricata engine, it is popular among network security practitioners who explore the capabilities of Suricata IDS/IPS/NSM and analyze the network protocol monitoring logs and alerts it generates.
While 62% of organizations have begun their own zero trust journey, only 48% of US organizations have, raising a concern that Western entities know they have a problem but are unable to adopt zero trust, leaving them vulnerable to cyber threats. Cloud security incidents make organizations turn to AI-powered prevention.
The number of macOS vulnerabilities exploited in 2023 increased by more than 30%, according to a new report. The Software Vulnerability Ratings Report 2024 from patch management software company Action1 also found that Microsoft Office programs are becoming more exploitable, while attackers are targeting load balancers like NGINX and Citrix at a record rate.
Cloud identity protection company Permiso has created YetiHunter, a threat detection and hunting tool companies can use to query their Snowflake environments for evidence of compromise. Cloud-based data storage and analytics company Snowflake has recently stated that attackers have accessed accounts of some of its customers by leveraging compromised credentials.