Security News

In this Help Net Security video, Paul Cragg, CTO at NormCyber, discusses how organizations grapple with many cyber threats. For smaller in-house IT teams, distinguishing between minor events and genuine threats becomes an overwhelming challenge since even a single overlooked incident can lead to severe consequences.

The FBI is warning of a new tactic used by cybercriminals where they promote malicious "Beta" versions of cryptocurrency investment apps on popular mobile app stores that are then used to steal crypto. The threat actors submit the malicious apps to the mobile app stores as "Betas," meaning that they are in an early development phase and are meant to be used by tech enthusiasts or fans to test and submit feedback to developers before the software is officially released.

This collaborative endeavor has now welcomed a new addition - the Cyber Threat Intelligence search engine Criminal IP - into PolySwarm's expansive detection engine network. Criminal IP's expertise is set to amplify the aggregation and validation of critical threat data.

This includes the continuous monitoring and management of user access, roles and permissions, 3rd party apps installed by users, risks deriving from SaaS user devices and Identity Threat Detection & Response. To address the Identity Threat Detection & Response challenge within the SaaS ecosystem, SaaS security solutions need a powerful solution that detects and responds to identity-related security threats based on key Indicators of Compromise and User and Entity Behavior Analytics.

API security isn't solely the responsibility of IT security professionals. Your API gateways, WAFs, and other security technologies and infrastructure should work with the API contract to provide seamless CI/CD integration and automation across the software and API lifecycle.

With threats evolving and multiplying, it's essential to understand how technological advancements can serve as both a challenge and an opportunity to safeguard digital content. How does the use of blockchain in digital content security software ensure the immutability of supply chain history? And how does it prevent modification, back-dating, or shredding of data?

Malware, being one of the most prevalent and pervasive initial threat vectors, continues to adapt and become more sophisticated, according to OPSWAT. Crucial role of threat intelligence. Threat actors leverage malware as an initial foothold to infiltrate targeted infrastructures and move laterally to gain long-term access, cause damage, or exfiltrate data and trade secrets.

As attackers focus on political ends, big payouts, threat hunters need to focus on identity intrusions, access merchants and tactics enabling fast lateral movement. Adversary breakout time - the time it takes a threat actor to zipline from the initial point of entry into a network - hit an average all-time low of 79 minutes, down from 84 minutes last year, with the fastest breakout of the year coming in at a record of seven minutes.

Infostealer malware has risen to prominence as one of the most significant vectors of cybercrime over the past three years. Learn from Flare about information stealer logs and their role in the...

In this Help Net Security interview, we delve into the world of cybersecurity with Michael Adams, the CISO at Zoom. In addition to adopting appropriate technologies, it's important to provide a comprehensive security training program.