Security News

Imagine leveraging this data not only for profit but also for enhanced AI and Machine Learning threat detection. Join our groundbreaking webinar, "Clean Data, Better Detections: Using Your Business Data for AI/ML Detections," to unearth how your distinct business data can be the linchpin to amplifying your AI/ML threat detection prowess.

A Syrian threat actor named EVLF has been outed as the creator of malware families CypherRAT and CraxsRAT. "These RATs are designed to allow an attacker to remotely perform real-time actions and control the victim device's camera, location, and microphone," Cybersecurity firm Cyfirma said in a report published last week. EVLF is said to be operating a web shop to advertise their warez since at least September 2022.

ESET researchers have uncovered a mass-spreading phishing campaign aimed at collecting Zimbra account users' credentials. Zimbra Collaboration is an open-core collaborative software platform, a popular alternative to enterprise email solutions.

Phishing remains the most dominant and fastest growing internet crime, largely due to the ubiquity of email and the ceaseless issue of human error that is preyed upon by today's threat actors, according to Cloudflare. Cloudflare observed more email threats targeting political organizations.

In this Help Net Security video, Paul Cragg, CTO at NormCyber, discusses how organizations grapple with many cyber threats. For smaller in-house IT teams, distinguishing between minor events and genuine threats becomes an overwhelming challenge since even a single overlooked incident can lead to severe consequences.

The FBI is warning of a new tactic used by cybercriminals where they promote malicious "Beta" versions of cryptocurrency investment apps on popular mobile app stores that are then used to steal crypto. The threat actors submit the malicious apps to the mobile app stores as "Betas," meaning that they are in an early development phase and are meant to be used by tech enthusiasts or fans to test and submit feedback to developers before the software is officially released.

This collaborative endeavor has now welcomed a new addition - the Cyber Threat Intelligence search engine Criminal IP - into PolySwarm's expansive detection engine network. Criminal IP's expertise is set to amplify the aggregation and validation of critical threat data.

This includes the continuous monitoring and management of user access, roles and permissions, 3rd party apps installed by users, risks deriving from SaaS user devices and Identity Threat Detection & Response. To address the Identity Threat Detection & Response challenge within the SaaS ecosystem, SaaS security solutions need a powerful solution that detects and responds to identity-related security threats based on key Indicators of Compromise and User and Entity Behavior Analytics.

API security isn't solely the responsibility of IT security professionals. Your API gateways, WAFs, and other security technologies and infrastructure should work with the API contract to provide seamless CI/CD integration and automation across the software and API lifecycle.

With threats evolving and multiplying, it's essential to understand how technological advancements can serve as both a challenge and an opportunity to safeguard digital content. How does the use of blockchain in digital content security software ensure the immutability of supply chain history? And how does it prevent modification, back-dating, or shredding of data?