Scammers are abusing Google ads to target users searching for help with printer problems, according to researchers at Malwarebytes. The malicious ads claim to offer tech support for installing drivers used by HP and Canon printers. “After clicking on a malicious ad, the website instructs you to enter your printer’s model number in order to download the required driver, which it proceeds to ‘install,’” the researchers write.

On December 3, 2024, Veeam disclosed a critical vulnerability within the Veeam Service Provider Console (VSPC), tracked as CVE-2024-42448, which was discovered during internal testing. VSPC is a management tool designed for service providers to manage customer backups. The vulnerability allows a remote threat actor to perform Remote Code Execution (RCE) on the VSPC server machine from an authorized VSPC management agent machine.

Trust is the foundation of the open source community — but what happens when that trust is betrayed? When a backdoor vulnerability was found in a widespread Linux-based data compression tool, it nearly created an opportunity for malicious actors to seize control of countless computers worldwide. The vulnerability was introduced by a trusted contributor who, after years of building rapport with maintainers, ultimately exploited that trust.

A year ago, Bitsight TRACE published a blog post on Socks55Systemz,a proxy malware with minimal mentions in the threat intelligence community at the time. In that post, we correlated a Telegram user to the botnet operation and estimated its size at around 10,000 compromised systems. After a year-long investigation, we are shedding new light on these conclusions.

The old adage “knowledge is power” holds especially true in the realm of AppSec. By remaining aware of the potential threats to applications and closing gaps in coverage, AppSec teams can demonstrate to leaders that they are in a solid position to protect vital assets. However, visibility is riddled with challenges, not the least of which are highly productive developers racing to market, often using AI-generated code that contains potential security issues.

Keeper Security’s Risk Management Dashboard delivers a streamlined view within the Keeper Admin Console to quickly and easily give administrators visibility into their organization’s Keeper configuration practices and compliance posture. The Risk Management Dashboard leverages an outlined set of Keeper Security Benchmarks to keep organizations compliant and safe.

Torq is thrilled to have Patrick Orzechowski (also known as “PO”) on board as our new Field CISO, bringing his expertise and years of experience as a SOC leader to our customers. PO is a seasoned security veteran with a deep understanding of the modern security landscape. By way of introduction, below he shares his five top pieces of advice for SOC leaders facing today’s security challenges.

The National Institute of Standards and Technology (NIST) issued a new perspective on password management policies, recognizing that many traditional practices used to ensure password security are no longer effective. The suggested practices to eliminate include not requiring periodic password changes, reducing restrictions on special characters, and discontinuing the use of security questions for account recovery.

In 2024, Thanksgiving (November 28), Black Friday (November 29), and Cyber Monday (December 2) significantly impacted Internet traffic, similar to trends seen in 2023 and previous years. This year, Thanksgiving in the US drove a 20% drop in daily traffic compared to the previous week, with a notable 33% dip at 15:45 ET. In contrast, Black Friday and Cyber Monday drove traffic spikes. But how global is this trend, and do attacks increase during Cyber Week?

Trustwave has launched two additional Microsoft Security accelerators designed to quickly increase an organization’s security maturity and identify potential cost-saving initiatives. The new accelerators are focused on Microsoft Purview and Microsoft Entra ID.