Security News

The Scarleteel threat targets AWS Fargate environments for data theft and more malicious types of attacks such as cryptojacking and DDoS. Learn how to mitigate this threat. Sysdig, a cloud and container security company, has released a new report on the Scarleteel threat that targets specific AWS environments for data theft and additional malicious activities.

As security practices continue to evolve, one primary concern persists in the minds of security professionals-the risk of employees unintentionally or deliberately exposing vital information. While access controls, encryption, and monitoring systems are crucial for identifying and mitigating unauthorized access and suspicious activities, the increasing prevalence of cloud-based environments and the surge in SaaS application usage demand a fresh perspective on Insider Risk Management from a SaaS security standpoint.

Learn how a malicious driver exploits a loophole in the Windows operating system to run at kernel level. Cisco Talos discovered a new Microsoft Windows policy loophole that allows a threat actor to sign malicious kernel-mode drivers executed by the operating system.

As vulnerabilities continue to rise and security evolves, it is becoming increasingly apparent that conventional vulnerability management programs are inadequate for managing the expanding attack surface. As a result, many security teams are scrambling to adopt modern vulnerability management programs that are capable of identifying and thwarting contemporary vulnerability-based threats.

Leading analyst firm Gartner Research describes the solution: "By 2026, organizations prioritizing their security investments based on a continuous exposure management program will be 3x less likely to suffer from a breach." IT and security teams constantly face threat exposures, and they must proactively address critical security gaps in their exposed assets.

Browser-based emerging threats New browser-based social engineering trends. Three of the four new threats that debuted on our top ten malware list this quarter have strong ties to nation states, although this doesn't necessarily mean those malicious actors are in fact state-sponsored.

The malware "Possesses the ability to steal information from various browsers, enabling the exfiltration of sensitive data, while also incorporating different modules for carrying out ransomware activities," Zscaler researchers Shatak Jain and Gurkirat Singh said in a recent analysis. Following a successful breach, the malicious binary is used as a conduit to set up persistence, perform the actual browser update, and also drop a stealer capable of covertly harvesting sensitive information and encrypting the stolen files, leaving the victims at risk of potential data loss, exposure, or even the sale of their valuable data.

Small organizations face the same security threats as organizations overall but have less resources to address them, according to Netwrix. Smaller organizations usually have fewer resources and experience with which to address security threats.

Infosec outfit Checkpoint says it's spotted a Chinese actor targeting diplomatic facilities around Europe. Checkpoint has dubbed the campaign "SmugX" thanks to its use of HTML smuggling to deploy the PlugX remote access trojan.

A new report from Kaspersky reveals the top cyber threats for SMBs in 2023. The biggest cybersecurity threat to SMBs is the use of exploits by attackers; there were 483,980 detections in the five first months of 2023.