Security News

Spotting insider threats can be more challenging for a simple reason: insiders already have legitimate access - whether limited or full - to an organization's network, systems, or other assets. "Identifying insider threats is not a binary process. Insiders can be malicious, lack the skills to do their jobs properly, or be victims of coercion. Thus, it is important to understand the different types of insider threats and the vectors that are most applicable to your organization," Mandiant researchers recently noted.

The United Kingdom's National Cyber Security Centre is inviting members of the cybersecurity community to join its new Cyber League, which is a collective of industry experts that will work alongside the government agency to tackle security threats facing the U.K. Announced by the NCSC on Jan. 17, the Cyber League will support existing NCSC initiatives that bring together experts from the public and private sectors. The Cyber League will see members of the cybersecurity and threat intelligence industries join NCSC analysts in workshops and discussion groups to exchange insights on the growing threat landscape.

The U.K.'s National Cyber Security Centre has released a new study that finds generative AI may increase risks from cyber threats such as ransomware. The report sorted threats by potential for "Uplift" from generative AI and by the types of threat actors: nation-state sponsored, well-organized and less-skilled or opportunistic attackers.

Sponsored Feature Ransomware is used by cybercriminals to steal and encrypt critical business data before demanding payment for its restoration. Sterling Wilson, Data Resilience Strategist at Object First - the provider of Ootbi, the ransomware-proof backup storage appliance purpose-built for Veeam - believes that data is one of the most precious assets available, and as such, must be tightly protected.

The automotive industry faces new cybersecurity challenges as vehicles become more connected. One way they can do this is by keeping their vehicle's software updated and using strong passwords for any connected services to reduce the risks of connected cars.

Cyber threats targeting government organizations have become increasingly sophisticated, posing significant risks to national security, public infrastructure, and sensitive data. These threats are diverse in nature, originating from various actors such as nation-states, hacktivist groups, and organized cybercrime entities.

The ubiquity of GitHub in information technology (IT) environments has made it a lucrative choice for threat actors to host and deliver malicious payloads and act as dead drop resolvers,...

These assessment services typically test defenses against ten to twenty attack techniques, and only use one variations of each technique. How can teams defend against the huge cloud of possible variations of each attack technique when they don't account for all those variations? This is why I believe purple team assessments must evolve.

In the cloud, offensive cybersecurity is less about brute force and more about strategic finesse. The approach to offensive cybersecurity becomes more proactive, intelligent, and nuanced.

Cybersecurity researchers have discovered a new Apple macOS backdoor called SpectralBlur that overlaps with a known malware family that has been attributed to North Korean threat actors....