Security News

How threats to mid-sized businesses impact us all
2023-08-15 04:00

In this Help Net Security video, Paul Cragg, CTO at NormCyber, discusses how organizations grapple with many cyber threats. For smaller in-house IT teams, distinguishing between minor events and genuine threats becomes an overwhelming challenge since even a single overlooked incident can lead to severe consequences.

Threat actors use beta apps to bypass mobile app store security
2023-08-14 22:13

The FBI is warning of a new tactic used by cybercriminals where they promote malicious "Beta" versions of cryptocurrency investment apps on popular mobile app stores that are then used to steal crypto. The threat actors submit the malicious apps to the mobile app stores as "Betas," meaning that they are in an early development phase and are meant to be used by tech enthusiasts or fans to test and submit feedback to developers before the software is officially released.

Criminal IP Teams Up with PolySwarm to Strengthen Threat Detection
2023-08-14 14:02

This collaborative endeavor has now welcomed a new addition - the Cyber Threat Intelligence search engine Criminal IP - into PolySwarm's expansive detection engine network. Criminal IP's expertise is set to amplify the aggregation and validation of critical threat data.

Identity Threat Detection and Response: Rips in Your Identity Fabric
2023-08-14 11:13

This includes the continuous monitoring and management of user access, roles and permissions, 3rd party apps installed by users, risks deriving from SaaS user devices and Identity Threat Detection & Response. To address the Identity Threat Detection & Response challenge within the SaaS ecosystem, SaaS security solutions need a powerful solution that detects and responds to identity-related security threats based on key Indicators of Compromise and User and Entity Behavior Analytics.

How to handle API sprawl and the security threat it poses
2023-08-11 05:30

API security isn't solely the responsibility of IT security professionals. Your API gateways, WAFs, and other security technologies and infrastructure should work with the API contract to provide seamless CI/CD integration and automation across the software and API lifecycle.

How digital content security stays resilient amid evolving threats
2023-08-11 04:30

With threats evolving and multiplying, it's essential to understand how technological advancements can serve as both a challenge and an opportunity to safeguard digital content. How does the use of blockchain in digital content security software ensure the immutability of supply chain history? And how does it prevent modification, back-dating, or shredding of data?

Threat intelligence’s key role in mitigating malware threats
2023-08-11 04:00

Malware, being one of the most prevalent and pervasive initial threat vectors, continues to adapt and become more sophisticated, according to OPSWAT. Crucial role of threat intelligence. Threat actors leverage malware as an initial foothold to infiltrate targeted infrastructures and move laterally to gain long-term access, cause damage, or exfiltrate data and trade secrets.

CrowdStrike at BlackHat: Speed, Interaction, Sophistication of Threat Actors Rising in 2023
2023-08-10 22:57

As attackers focus on political ends, big payouts, threat hunters need to focus on identity intrusions, access merchants and tactics enabling fast lateral movement. Adversary breakout time - the time it takes a threat actor to zipline from the initial point of entry into a network - hit an average all-time low of 79 minutes, down from 84 minutes last year, with the fastest breakout of the year coming in at a record of seven minutes.

Safeguarding Against Silent Cyber Threats: Exploring the Stealer Log Lifecycle
2023-08-10 14:02

Infostealer malware has risen to prominence as one of the most significant vectors of cybercrime over the past three years. Learn from Flare about information stealer logs and their role in the...

Zoom CISO Michael Adams discusses cybersecurity threats, solutions, and the future
2023-08-07 04:30

In this Help Net Security interview, we delve into the world of cybersecurity with Michael Adams, the CISO at Zoom. In addition to adopting appropriate technologies, it's important to provide a comprehensive security training program.