Security News
The threat actor known as ToddyCat has been observed using a wide range of tools to retain access to compromised environments and steal valuable data. Russian cybersecurity firm Kaspersky...
New cybersecurity research has found that command-line interface (CLI) tools from Amazon Web Services (AWS) and Google Cloud can expose sensitive credentials in build logs, posing significant...
Cybersecurity researchers have discovered an intricate multi-stage attack that leverages invoice-themed phishing decoys to deliver a wide range of malware such as Venom RAT, Remcos RAT, XWorm,...
As the analysis of the backdoor in XZ Utils continues, several security companies have provided tools and advice on how to detect its presence on Linux systems. The open-source XZ Utils compression utility has been backdoored by a skilled threat actor who tried to get the malicious packages included in mainstream Linux distributions, to allow them unfettered, covert SSH access to Linux systems around the world.
Today, Red Hat warned users to immediately stop using systems running Fedora development versions because of a backdoor found in the latest XZ Utils data compression tools and libraries. "No versions of Red Hat Enterprise Linux are affected. We have reports and evidence of the injections successfully building in xz 5.6.x versions built for Debian unstable."
25% of Americans has lost money to online tax scams, according to McAfee. "As tax season ramps up, so too does cybercriminal activity. What's new this year is the scale and sophistication of scams we're now seeing thanks to artificial intelligence. From AI-generated robocalls with regional accents to very realistic and convincing fake emails, websites, and scam texts, cybercriminals are utilizing all the AI tools available to them, and so too should consumers to stay safe," said Steve Grobman, CTO at McAfee.
When I started digging deeper into the open-source cybersecurity ecosystem, I discovered an engaged community of developers working to find practical solutions to many problems, one of them being saving time. Here are 20 essential open-source cybersecurity tools that are freely available and waiting for you to include them in your arsenal.
Network monitoring tools provide automated network discovery and often also draw up network topology maps. Network device monitoring is often also referred to as network performance monitoring.
While 99% of companies have data protection solutions in place, 78% of cybersecurity leaders admit they've still had sensitive data breached, leaked, or exposed. "Today, data is highly portable. While AI and cloud technologies are igniting new business ventures that allow employees to connect, create, and collaborate, they also make it easier to leak critical corporate data like source code and IP," said Joe Payne, CEO of Code42.
OffSec has released Kali Linux 2024.1, the latest version of its popular penetration testing and digital forensics platform.The new version comes with new tools, a fresh look, a new image viewer for the Gnome desktop and a usability enhancement to the Xfce desktop, and updates for the Kali NetHunter mobile pentesting platform.