Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Corelight

Detecting Gozi Banking Malware

Sep 7, 2023 By Keith J. Jones In Corelight

As a principal security researcher on Corelight’s Labs team, I help to solve difficult network security research problems at scale. Corelight’s customers might recognize some of my work if you see the packages “VPN Insights” or “App ID” on your sensors. Outside of my day-to-day role, I have a hobby podcast called eCrimeBytes where we lightheartedly discuss an electronic crime case each week.

Read Post
tripwire

5 Common Business Mistakes in Ransomware Prevention Planning

Sep 6, 2023 By Anastasios Arampatzis In Tripwire

One thing is becoming evident as ransomware attacks increase in frequency and impact: businesses can take additional precautions. Unfortunately, many companies are failing to do so. Most victims are sufficiently warned about potential weaknesses yet unprepared to recover when hit. Robust ransomware prevention is more important than ever. This becomes very clear when you consider what causes the majority of ransomware attacks nowadays. Some are caused by errors that are easily avoidable.

Read Post
Forescout

2023H1 Threat Review: Vulnerabilities, Threat Actors and Malware

Sep 6, 2023 By Forescout Vedere Labs In Forescout
In a new threat briefing report, Forescout Vedere Labs looks back at the most relevant cybersecurity events and data between January 1 and July 31, 2023 (2023H1) to emphasize the evolution of the threat landscape. The activities and data we saw during this period confirm trends we have been observing in our recent reports, including threats to unmanaged devices that are less often studied.
Read Post
securitysenses

How AI is Helping Cybercriminals and What You Can Do for Your Protection

Sep 5, 2023 By SecuritySenses In SecuritySenses
Artificial intelligence is an all-encompassing tool that leverages computer systems to mimic intelligent actions like solving problems and learning. Due to its general nature, AI can aid almost any endeavor. Sadly, this includes leveraging it for malicious purposes. How do cybercrooks use AI to aid their activities? Can you do anything about it? We explore answers to both!
Read Post
sysdig

eBPF Offensive Capabilities - Get Ready for Next-gen Malware

Sep 5, 2023 By Daniele Linguaglossa In Sysdig

It’s not a mystery that eBPF (Extended Berkeley Packet Filter) is a powerful technology, and given its nature, it can be used for good and bad purposes. In this article, we will explore some of the offensive capabilities that eBPF can provide to an attacker and how to defend against them.

Read Post
Featured Post
11:11 systems

It's not always malware

Sep 2, 2023 By Johnny Carpenter, General Manager EMEA In 11:11 Systems
Every day, cyber incidents and their subsequent downtimes seem to fill the news. These downtimes, both costly and damaging to consumer trust, have rightfully been something that CISOs and CIOs work to prevent with increasingly sophisticated security measures. But sometimes the most damaging "disasters" are the simplest.
Read Post
knowbe4

New "Early Warning" System in the U.K. Tips Off Ransomware Targets

Sep 1, 2023 By Stu Sjouwerman In KnowBe4

British Intelligence has come up with a potentially very effective means to disrupt ransomware attacks, but there seems to still be a few kinks in the system. The phone rings at your U.K. office and it’s the U.K. government’s National Cyber Security Centre (NCSC) letting you know they’ve detected a potential cyberattack.

Read Post
securitysenses

Cyber Criminals Targeting Victims Through Beta-Testing Apps

Aug 31, 2023 By SecuritySenses In SecuritySenses
Cybercriminals use a variety of deceptive methods to defraud their victims. It can be challenging to keep up-to-date with the latest threats to your online security. The Federal Bureau of Investigation (FBI) has warned people about the dangers of a new threat - malicious beta-testing apps. These apps can have severe consequences for our data and finances. In this article, we'll explain how this latest attack works, the signs of a malicious app you need to be aware of, and, most importantly, what cybersecurity tools you need to protect yourself.
Read Post
Trustwave

Threat-Loaded: Malicious PDFs Never Go Out of Style

Aug 31, 2023 By Bernard Bautista In Trustwave

In the realm of cybersecurity, danger hides where we least expect it and threats never, ever, go out of style! Over the past few months, Trustwave SpiderLabs has seen a rising trend in threat actors employing PDF documents to gain initial access through email-borne attacks. Though the use of PDF files as a malicious vector is not a novel approach, it has become more popular as threat actors continue to experiment with techniques to bypass conventional security controls.

Read Post
Arctic Wolf

Ongoing Ransomware Campaign Against Cisco ASA VPN Appliances

Aug 31, 2023 By James Liolios In Arctic Wolf
Arctic Wolf has been tracking multiple intrusions where Cisco VPN account credentials were harnessed by Akira ransomware for initial access. In a recent Cisco PSIRT advisory, Cisco stated they were aware of reports that Akira ransomware threat actors have been targeting Cisco VPNs that are not configured for multi-factor authentication to infiltrate organizations. Our case data supports the observation that affected accounts did not have MFA enabled.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.