Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Five Steps to Protect Your Organization against Phishing Attacks

The rise in cybercrime has accelerated 600% over the last three years, and shows no signs of slowing down. Even though the pandemic accelerated online services, data, and particularly vulnerable home networks, the truth is that cybercriminals are caught only 0.03 percent of the time. That rate, combined with the fact that the average cost of a data breach stands at $3.86 million makes for an attractive calculation for cybercriminals.

Mind your Single Sign-On (SSO) logs

The news that hacking group Lapsus$ gained unauthorized access to Single Sign-On (SSO) provider Okta through a third-party support account sent chills through information security professionals everywhere. Organizations have adopted SSO identity providers to enable a modern workforce that is increasingly reliant on secure access to cloud-hosted applications to perform critical business functions.

Cyber Attackers Leverage Russia-Ukraine Conflict in Multiple Spam Campaigns

The Trustwave SpiderLabs email security team has been monitoring the ongoing Russia-Ukraine crisis to ensure that our clients are protected and aware of any imminent threats. This research blog captures some of the phishing email threats we have discovered. Whenever there is a global event, threat actors are sure to take advantage of the situation. As the war between Russia and Ukraine continues, cybercriminals are pumping out spam emails that use the crisis as a lure.

Move aside, Conti, Lapsus$ coming through!

-In the hours after news broke that Lapsus$ claimed to have breached Okta, an enterprise identity and access management firm, SecurityScorecard’s Threat Research and Intelligence team conducted a rapid investigation into Lapsus$ to provide customers and partners with the very latest in actionable security intelligence and insights related to this emerging cybercrime group. -Lapsus$’s targets have quickly evolved from Brazilian and Portuguese organizations to high-profile U.S.

Falcon OverWatch Threat Hunting Contributes to Seamless Protection Against Novel BlackCat Attack

In an effort to stay ahead of improvements in automated detections and preventions, adversary groups continually look to new tactics, techniques and procedures (TTPs), and new tooling to progress their mission objectives. One group — known as BlackCat/ALPHV — has taken the sophisticated approach of developing their tooling from the ground up, using newer, more secure languages like Rust and highly customized configuration options per victim.

Trustwave's Action Response: The Lapsus$ Hacker Group Shows Us the Importance of Securing the Digital Supply Chain

Trustwave is actively tracking the threat of Lapsus$ for our clients. We encourage all organizations, especially those part of the digital supply chain, to remain vigilant and ensure that cyber best practices are implemented. We are actively investigating all unusual login behaviors for clients that use Okta. For more information on the Okta incident, please visit their blog. Trustwave does not use Okta. Actionable security recommendations for organizations can be found below.

Large-scale npm attack targets Azure developers with malicious packages

The JFrog Security research team continuously monitors popular open source software (OSS) repositories with our automated tooling to avert potential software supply chain security threats, and reports any vulnerabilities or malicious packages discovered to repository maintainers and the wider community. Two days ago, several of our automated analyzers started alerting on a set of packages in the npm Registry.