Security News

Cybercriminals on Discord: Discovering developing threats
2022-04-07 06:00

In this video for Help Net Security, Tal Samra, Cyber Threat Analyst at Cyberint, talks about Discord, a platform often used for cybercrime activities, and the possible threats users might come across. The application offers its users privacy and encryption, access to private rooms and hidden content, and by also being resistant to law enforcement seizure, it has been increasingly leveraged by cybercriminals in distributing malicious files.

Advanced Threat Defense for Your Business-critical Applications on AWS
2022-04-06 00:00

Fortinet's partnership with AWS ensures your workloads and applications on AWS are protected by best-in-class security solutions. With simplified security management, full visibility across environments, and broad, comprehensive protection, gain the ultimate flexibility and control you need to build in the cloud.

Hybrid threat model: Watch out for the unhappy employee
2022-04-05 05:00

The next generation of enterprise cyber threats will see external and internal threats and threat actors colliding into a hybrid threat model. The hybrid threat actors have even taken the threat matrix one step further and have launched physical attacks.

Borat RAT: Multiple threat of ransomware, DDoS and spyware
2022-04-04 16:30

"The Borat RAT provides a dashboard to Threat Actors to perform RAT activities and also has an option to compile the malware binary for performing DDoS and ransomware attacks on the victim's machine," the researchers wrote in a blog post, noting the malware is being made available for sale to hackers. Borat - named after the character made famous by actor Sacha Baron Cohen in two comedy films - comes with the standard requisite of RAT features in a package that includes such functions as builder binary, server certificate and supporting modules.

North Korean threat actors target news outlets and fintechs with a Google Chrome vulnerability
2022-03-30 14:07

Threat actors from North Korea have been exploiting a vulnerability in Google Chrome to target certain users with remote code, particularly news outlets, software vendors and fintechs in the United States. On Feb. 10, Google's TAG team discovered two distinct threat actors using that vulnerability to target U.S.-based organizations spanning news media, IT, cryptocurrency and fintech industries.

FCC adds Kaspersky, Chinese companies to list of potential threats to national security
2022-03-29 12:30

FCC adds Kaspersky, Chinese companies to list of potential threats to national security. The Federal Communications Commission's Public Safety and Homeland Security Bureau has added three companies to the list of communications equipment and services that pose a threat to national security through access to user information.

Triton malware still a threat to energy sector, FBI warns
2022-03-28 12:30

The new FBI warning [PDF] came a day after the US Department of Justice unsealed a pair of indictments that detail alleged Russian government efforts to use supply chain attacks and malware in an attempt to compromise and control critical infrastructure. One of the two indictments involves Triton malware and its use in the 2017 attack.

Is next-gen threat modeling even about threats?
2022-03-28 06:00

Many experts attempt to use traditional threat modeling as their first line of business to address security in the SDLC. But what if everyone is doing threat modeling wrong? The industry standard for how we conduct threat modeling today evolved from past meetings where security professionals piled into a conference room and brainstormed potential threats that might affect their software.

Extended Threat Intelligence: A new approach to old school threat intelligence
2022-03-28 05:00

New solutions such as Extended Threat Intelligence are needed. There are some platforms that bring a new approach that integrates Cyber Threat Intelligence, Digital Risk Protection, and External Attack Surface Management capabilities to realign security thinking from that of a defender to that of an attacker.

FCC Adds Kaspersky and Chinese Telecom Firms to National Security Threat List
2022-03-28 02:15

The U.S. Federal Communications Commission on Friday moved to add Russian cybersecurity company Kaspersky Lab to the "Covered List" of companies that pose an "Unacceptable risk to the national security" of the country. Also added alongside Kaspersky were China Telecom Corp and China Mobile International USA. The block list includes information security products, solutions, and services supplied, directly or indirectly, by the company or any of its predecessors, successors, parents, subsidiaries, or affiliates.