Security News

So Don was rather surprised one day to hear a phone ringing as he stalked the racks, because the kit there was dedicated to modems. "The caller only said 'BOMB. BOMB. BOMB.' with a strong Irish accent," don recalled.

A new analysis of Raspberry Robin's attack infrastructure has revealed that it's possible for other threat actors to repurpose the infections for their own malicious activities, making it an even more potent threat. Raspberry Robin, attributed to a threat actor dubbed DEV-0856, is malware that has increasingly come under the radar for being used in attacks aimed at finance, government, insurance, and telecom entities.

SaaS applications are often multi-tenanted, so your applications need to be secure against attacks where one customer could access the data of another customer, such as logic flaws, injection flaws, or access control weaknesses. Security testing with an automated vulnerability scanner in combination with regular pentesting can help you design and build secure web applications by integrating with your existing environment, catching vulnerabilities as they're introduced throughout the development cycle.

Review and manage your consent Here's an overview of our use of cookies, similar technologies and how to manage them. You can also change your choices at any time, by hitting the "Your Consent Options" link on the site's footer.

Every SOC on the planet is grappling with the challenges of integrating detection techniques and response processes for public cloud computing. This presentation by Rich Mogull, SVP Cloud Security at FireMon, delves into the details with a framework for modernizing response operations, combined with technical details and examples.

FIN7 is a threat actor that mostly focuses on stealing financial information, but it also sells sensitive information stolen from companies. FIN7 started using ransomware in 2020, being affiliates of a few of the most active ransomware groups: Sodinokibi, REvil, LockBit and DarkSide.

As we are nearing the end of 2022, looking at the most concerning threats of this turbulent year in terms of testing numbers offers a threat-based perspective on what triggers cybersecurity teams to check how vulnerable they are to specific threats. These are the threats that were most tested to validate resilience with the Cymulate security posture management platform between January 1st and December 1st, 2022.

When it comes to 2023 threat predictions, Trellix anticipates spikes in geopolitically motivated attacks across Asia and Europe, hacktivism fueled by tensions from opposing political parties, and vulnerabilities in core software supply chains. "Analyzing current trends is necessary but being predictive in cybersecurity is vital. While organizations focus on near-term threats, we advise all to look beyond the horizon to ensure a proactive posture," said John Fokker, Head of Threat Intelligence, Trellix.

Microsoft Office files, particularly Excel and Word files, have been targeted by some cybercriminals for a long time. As exposed in new research from Cisco Talos, threat actors might leverage event handling functions in Excel files in order to automatically launch.

As the internet continues to expand and connect more people and devices than ever before, the need for effective cyber threat intelligence sharing has never been greater. In today's interconnected world, a threat to one organization can quickly become a threat to many others, making it essential for businesses and other organizations to share information and work together to stay safe online.