CyberArk Labs discovered a new malware called Vare that is distributed over the popular chatting service, Discord. Vare has been used to target new malware operators by using social engineering tactics on them. Additionally, we have found that Vare uses Discord’s infrastructure as a backbone for its operations. This malware is linked to a new group called “Kurdistan 4455” based out of southern Turkey and is still early in its forming stage.
Platform engineers need to be empowered in an organization’s security program. Their work has huge leverage over a product's security posture, arguably as great an impact (some would even say greater) than application vulnerabilities. Despite the significance of the impact of their work, their role in security programs remain ill-defined.
MSI is a huge PC parts manufacturer that's responsible for creating laptops, servers, graphics cards, motherboards, peripherals, and more. The company has an annual revenue greater than 6.5 billion USD and is known around the world for being part of the computer world. MSI was supposedly hit by a ransomware attack by a gang known as Money Message, and it's believed that the massive company lost a substantial amount of information as a result of this attack.
The cloud has revolutionized the way we do business. It has made it possible for us to store and access data from anywhere in the world, and it has also made it possible for us to scale our businesses up or down as needed. However, the cloud also brings with it new challenges. One of the biggest challenges is just keeping track of all of the data that is stored in the cloud. This can make it difficult to identify and respond to security incidents.
Read also: Crypto exchange GDAC hit with a $14M hack, Ares Leaks fills the void after BreachForums shutdown, and more.
Military cybersecurity operations are shifting to a digital battlefield, where tools and technology work to save lives and increase efficiency. With these advancements comes the increased need for resilient measures to meet the needs of soldiers, leadership, and civilians alike. A ransomware attack rocked the U.S. Marshals Service in February 2023, compromising critical state data on everything from top-secret operations, to internal administrative information.
A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. Do you think someone will want to buy chicken strips for you? No, don’t think so.
Discover the best practices and tools to secure your infrastructure as code (IaC) throughout the DevOps software development lifecycle. From threat modeling to monitoring, this comprehensive guide offers valuable insights to improve the security, reliability, and consistency of your IaC.
Code signing certificates are essential for businesses to ensure the security of their software programs and applications. Code signing certificates provide assurance to your customers that the software they are downloading is authentic, untampered, and trustworthy. By using code signing certificates to sign their code digitally, businesses can ensure the integrity of their software and protect their reputations.
As technology continues to advance, the potential for hacking and cyber-attacks on various devices and systems has become a major threat. This has extended to the automotive industry, with increasing numbers of car hacks being reported. With the rise in the production of electric vehicles (EVs), these attacks have escalated in frequency and severity.
