Security News

Please turn on your JavaScript for this page to function normally. OAuth apps have become prominent in several attack groups' TTPs in recent years.

Threat hunting involves preemptively searching for threat indicators and potential vulnerabilities on the network that other tools missed. Threat hunting proactively seeks out the causes of advanced threats, such as unpatched vulnerabilities or poor security hygiene, and the signs that one is already occurring-such as unusual account behavior on the network-helping with advanced threat prevention and mitigation.

Cybersecurity strategies are essential components of modern organizations, designed to protect digital assets, sensitive information, and overall business continuity from potential cyber threats. As technology advances, the complexity and frequency of cyber attacks continue to grow, making it imperative for businesses to develop robust and adaptive cybersecurity strategies.

Cyber attacks using AI-generated deepfakes to bypass facial biometrics security will lead a third of organizations to doubt the adequacy of identity verification and authentication tools as standalone protections. Remote account recovery, for example, might rely on an image of the individual's face to unlock security.

A financially motivated threat actor tracked as UNC4990 is using booby-trapped USB storage devices and malicious payloads hosted on popular websites such as Ars Technica, Vimeo, GitHub and GitLab to surreptitiously deliver malware. Another interesting detail about UNC4990 it's mostly targeting organizations located in Italy and is likely based in that country, as well.

In nearly every segment of our lives, AI (artificial intelligence) now makes a significant impact: It can deliver better healthcare diagnoses and treatments; detect and reduce the risk of...

The 2023/2024 Axur Threat Landscape Report provides a comprehensive analysis of the latest cyber threats. The information combines data from the platform's surveillance of the Surface, Deep, and...

Spotting insider threats can be more challenging for a simple reason: insiders already have legitimate access - whether limited or full - to an organization's network, systems, or other assets. "Identifying insider threats is not a binary process. Insiders can be malicious, lack the skills to do their jobs properly, or be victims of coercion. Thus, it is important to understand the different types of insider threats and the vectors that are most applicable to your organization," Mandiant researchers recently noted.

The United Kingdom's National Cyber Security Centre is inviting members of the cybersecurity community to join its new Cyber League, which is a collective of industry experts that will work alongside the government agency to tackle security threats facing the U.K. Announced by the NCSC on Jan. 17, the Cyber League will support existing NCSC initiatives that bring together experts from the public and private sectors. The Cyber League will see members of the cybersecurity and threat intelligence industries join NCSC analysts in workshops and discussion groups to exchange insights on the growing threat landscape.

The U.K.'s National Cyber Security Centre has released a new study that finds generative AI may increase risks from cyber threats such as ransomware. The report sorted threats by potential for "Uplift" from generative AI and by the types of threat actors: nation-state sponsored, well-organized and less-skilled or opportunistic attackers.