The latest OWASP Top 10 For Mobile list ranks credential mismanagement as the largest concern our applications face. Let's work to solve this secrets problem together.

Bumblebee is a highly sophisticated downloader malware cybercriminals use to gain access to corporate networks and deliver other payloads such as Cobalt Strike beacons and ransomware. The Google Threat Analysis Group first discovered the malware in March 2022 and named it Bumblebee based on a User-Agent string it used. The Netskope Threat Labs team discovered what seems to be a new infection chain leading to Bumblebee malware infection, and our findings corroborate those shared by other researchers.

At the end of every year, the Trustwave content team asks its in-house experts what cybersecurity topics they predict will be top of mind in the coming 12 months, and inevitably the top answer is more ransomware. Instead of waiting an extra couple of months, we thought why not get ahead of the curve, pretend that ransomware will again be an issue, because it will, and proceed to the part of the story where we go through the problem and mitigation methods.

Microsoft warns that threat actors are abusing legitimate file-hosting services to launch phishing attacks. These attacks are more likely to bypass security filters and appear more convincing to employees who frequently use these services. “Legitimate hosting services, such as SharePoint, OneDrive, and Dropbox, are widely used by organizations for storing, sharing, and collaborating on files,” Microsoft says.

Cyber threats against AI systems are on the rise, and today’s AI developers need a robust approach to securing AI applications that address the unique vulnerabilities and attack patterns associated with AI systems and ML models deployed in production environments. In this blog, we’re taking a closer look at two specific tools that AI developers can use to help detect cyber threats against AI systems.

In our previous blog, Data in use and why you need to keep an eye on file activities, we discussed why you should monitor how your data is being used, threats to data in use, and how you can protect it. But, when your data is on the move, you need other security capabilities to secure it. In this blog, we’ll explore data in motion. Gone are the days when you’d simply store your data in your local database and share it with peers when required.