Criminal threat actors are increasingly utilizing generative AI tools like ChatGPT to launch social engineering attacks, according to researchers at Check Point. “Malicious spam is one of the oldest illicit services found on underground cybercrime forums,” the researchers write. “Spam is the most common initial vector for various attack scenario objectives such as phishing and credential harvesting, malware distribution, scams/fraud, etc.

On February 2nd, 2024, AnyDesk disclosed that their production systems had been compromised and that private code signing keys and source code were stolen, while an unknown number of user accounts had their passwords reset. This is a significant concern, as it would allow a malicious attacker to generate malicious versions of AnyDesk software with compromised code that appears to be legitimate. It is assessed that approximately 18,000 credentials are available for sale on the Dark Web as a result.

The Snyk Security Labs team recently embarked on a research project into the Docker engine. During this project, I had the opportunity to perform what is arguably my favorite kind of research using my favorite selection of tools. The research panned out quite successfully, and we identified four high severity vulnerabilities that allow a malicious attacker to break out of a container environment with a controlled Dockerfile under docker build and, in one case, docker run.

Technology has recently been evolving at the speed of light. We have seen the onset of increased cyber threats across all industries. Gone are the times when threat actors had a specific goal and target. We now live in an age where robots collect, collate, and save information for a more opportune and profitable day. It is ever more important to understand the security measures individuals and organisations implement to safeguard themselves against such threats.

Kubernetes has emerged as the leading platform for orchestrating containerized applications. However, developers and administrators rely on an ecosystem of tools and platforms that have emerged around Kubernetes. One of these tools is Helm, a package manager that simplifies Kubernetes deployments. However, with the convenience and efficiency Helm offers, it also introduces significant security risks.

Cybercriminals live on the cutting edge of technology, and nothing fits the label more than artificial intelligence. It helps them design sophisticated, evolving malware, pose as higher-ups, and even successfully imitate biometrics like one’s voice. The use of AI in cyber security has developed as a natural response to these new and unpredictable challenges. How are cyber security experts using artificial intelligence to thwart the bad guys?

CloudCasa, the software-as-a-service solution for backup and recovery of Kubernetes and cloud native database workloads, has come a long way since its early days.

Netacea is a noted vendor in a new Forrester report, The Bot Management Software Landscape, Q1 2024. The report provides important independent research into the evolution of automated attacks threatening businesses in the coming year, and how bot management solutions are positioned to defend against them. The main trend cited in the report is that now, anyone can launch a sophisticated bot attack.

Being online can offer much freedom, and we are fortunate enough to have a wealth of resources to manage our lives online. Too many options can sometimes make us feel stuck in a box, and we look for alternatives that balance freedom and security. One such example of finding a solution to manage your online life is cloud storage. There are many options to consider, but many people will choose their preferred operating system cloud provider, sacrificing ease of use for the privacy of their data.

Rome wasn't built in a day. It took architects, city planners, and laborers many years to construct it, making small developments every day. Just as with Rome, cybersecurity programs, too, require significant time and investment to come to fruition. ‍ However, without knowing their initial cyber risk exposure, it can be challenging for stakeholders to comprehend the full value that cybersecurity initiatives have already delivered to the organization.