Security News
Access to timely and accurate threat intelligence is now core to security operations for many organizations. Typically, security teams gather large amounts of threat intelligence from multiple places in different and incompatible formats.
Each story shines a light on underground activities, the threat actors involved, and why you should care, along with what you can do to mitigate risk. This comprehensive analysis, compiled by Cybersixgill's cyber threat intelligence experts, provides valuable insights into the tactics, techniques, and technologies employed by threat actors worldwide.
Cloud GenAI workloads inherit pre-existing cloud security challenges, and security teams must proactively evolve innovative security countermeasures, including threat detection mechanisms. More recently, detection engineering has spun off as a specialized aspect of threat detection, allowing detection engineers to customize threat detection systems.
In this Help Net Security interview, Ava Chawla, Head of Cloud Security at AlgoSec, discusses the most significant cloud security threats CISOs must be aware of in 2024. These threats include data...
Join Intel, DETASAD, Juniper Networks, and Arqit to hear essential strategies in this webinar on July 30th Webinar Artificial Intelligence (AI) is revolutionizing industries worldwide, but with...
When it comes to the cyber threat landscape, change is the only constant: the inevitable interplay between cybercriminals and law enforcement agencies makes it inevitable. Europol's recently released Internet Organised Crime Threat Assessment 2024 report covers events - law enforcement actions - that happened in the last 12 months and how the cyber threat landscape shifted because of them.
As the travel industry rebounds post-pandemic, it is increasingly targeted by automated threats, with the sector experiencing nearly 21% of all bot attack requests last year. These bots target the industry through unauthorized scraping, seat spinning, account takeover, and fraud.
Unknown threat actors have been observed leveraging open-source tools as part of a suspected cyber espionage campaign targeting global government and private sector organizations. Recorded Future's Insikt Group is tracking the activity under the temporary moniker TAG-100, noting that the adversary likely compromised organizations in at least ten countries across Africa, Asia, North America, South America, and Oceania, including two unnamed Asia-Pacific intergovernmental organizations.
The notorious FIN7 hacking group has been spotted selling its custom "AvNeutralizer" tool, used to evade detection by killing enterprise endpoint protection software on corporate networks. The same threat actors are also likely tied to the BlackCat ransomware operation, which recently conducted an exit scam after stealing a UnitedHealth ransom payment.
Elevated Privileges: Accidental download of malware by an insider can grant attackers elevated privileges, allowing them to tamper with critical systems or steal large amounts of data. Attackers can impersonate managers and colleagues to manipulate insiders into divulging sensitive information or exercising their privileges to the benefit of the external threat.