Security News

As organizations integrate more SaaS applications into their workflows, they inadvertently open the door to a new era of security threats. Historically, SaaS security was about managing misconfigurations.

Deepfake videos use AI and deep learning techniques to create highly realistic but fake or fabricated content. The most effective evaluation of deepfake technology can be made when watching videos in which the "Deepfaked" person is a celebrity or individual whom the viewer is visually familiar with.

85% of phishing emails utilized malicious links in the content of the email, and spam emails increased by 30% from Q1 to Q2 2023, according to a VIPRE report. Information technology organizations also overtook financial institutions as the most targeted sector for phishing in Q2 as compared to VIPRE's previous quarterly report.

Threat actors are exploiting poorly secured Microsoft SQL servers to deliver Cobalt Strike and a ransomware strain called FreeWorld. "The ransomware payload of choice appears to be a newer variant of Mimic ransomware called FreeWorld."

Imagine leveraging this data not only for profit but also for enhanced AI and Machine Learning threat detection. Join our groundbreaking webinar, "Clean Data, Better Detections: Using Your Business Data for AI/ML Detections," to unearth how your distinct business data can be the linchpin to amplifying your AI/ML threat detection prowess.

A Syrian threat actor named EVLF has been outed as the creator of malware families CypherRAT and CraxsRAT. "These RATs are designed to allow an attacker to remotely perform real-time actions and control the victim device's camera, location, and microphone," Cybersecurity firm Cyfirma said in a report published last week. EVLF is said to be operating a web shop to advertise their warez since at least September 2022.

ESET researchers have uncovered a mass-spreading phishing campaign aimed at collecting Zimbra account users' credentials. Zimbra Collaboration is an open-core collaborative software platform, a popular alternative to enterprise email solutions.

Phishing remains the most dominant and fastest growing internet crime, largely due to the ubiquity of email and the ceaseless issue of human error that is preyed upon by today's threat actors, according to Cloudflare. Cloudflare observed more email threats targeting political organizations.

In this Help Net Security video, Paul Cragg, CTO at NormCyber, discusses how organizations grapple with many cyber threats. For smaller in-house IT teams, distinguishing between minor events and genuine threats becomes an overwhelming challenge since even a single overlooked incident can lead to severe consequences.

The FBI is warning of a new tactic used by cybercriminals where they promote malicious "Beta" versions of cryptocurrency investment apps on popular mobile app stores that are then used to steal crypto. The threat actors submit the malicious apps to the mobile app stores as "Betas," meaning that they are in an early development phase and are meant to be used by tech enthusiasts or fans to test and submit feedback to developers before the software is officially released.