Over the past year, BlueVoyant’s cyber threat analysts have identified a significant rise in third-party phishing tactics, most notably with a campaign impersonating the Zelle digital payment service. By mimicking a well-known payment site like Zelle, threat actors can evade detection more effectively while collecting credentials and personally identifiable information (PII) from online users of hundreds of financial institutions.

However, as cyber threats become increasingly elaborate, traditional measures to secure systems are usually inadequate. So how does one bolster an organization’s security? Today, 70% of organizations are fighting a broad set of threats ranging from sophisticated malware to advanced persistent threats. The necessity of real time threat detection and response mechanisms has never been greater. XDR, NDR, and EDR serve as strong detectors against this adversary. Let’s see why they are important.

Hackers are increasingly targeting exposed Selenium Grid servers, hijacking them for cryptomining and proxyjacking activities. Selenium, an open-source browser automation tool widely used for web application testing, has become a valuable target for cybercriminals. As these servers often lack proper security measures, threat actors are seizing the opportunity to leverage them for their own gain.

We recognize that federal agencies face a wide range of cyber threats in today’s hybrid and cloud work environment, which requires securing multiple endpoints. From nation-states to organized crime groups, adversaries are looking to steal data at the highest levels of government, and the stakes have never been higher. Protecting sensitive information, ensuring national security and safeguarding public trust all hinge on effective cybersecurity strategies.

Implementing a security incident and event management (SIEM) system can be complex and often requires considerable expertise. Teams need to configure a variety of data sources and ensure their SIEM can scale with growing data volumes. In addition, users need time to learn the system, which can delay value realization. And SIEMs also need continuous maintenance to ensure threat intelligence, detection rules, and integrations are up to date.

Developers of plugins and themes for WordPress.org have been told they are required to enable two-factor authentication (2FA) from October 1st. The move is intended to enhance security, helping prevent hackers from gaining access to accounts through which malicious code could be injected into code used by millions of websites running the self-hosted version of WordPress.

In 2023, nearly 60% of incidents investigated by Arctic Wolf Incident Response involved a vulnerability that was two — or more — years old. That means the organization had 24-plus months to find and remediate the vulnerability before threat actors took advantage. Why do vulnerabilities remain persistent? There’s a number of reasons, not the least of which is that more of them pop up each day, creating a mountain of vulnerabilities that feels too difficult to summit for most businesses.

Crystal Rans0m is a previously undocumented hybrid ransomware family developed in Rust programming language seen for the first time in the wild on September 2nd, 2023. Interestingly, it does not only encrypt victim’s files, demanding a ransom for their release, but also steals sensitive information from the infected systems. This dual-threat approach means that attackers can double their leverage over victims, potentially increasing their chances of monetizing their attacks.

Adobe has recently addressed a critical vulnerability in its Acrobat Reader software, urging users to update immediately. The flaw, tracked as CVE-2024-41869, is a "use after free" vulnerability, which could allow attackers to execute malicious code remotely through specially crafted PDF files. This article explores the nature of this exploit, its discovery, and the urgency behind updating to the latest version.

As organizations increasingly integrate artificial intelligence (AI) into their operations, the nature of data security is undergoing significant transformation. With AI’s ability to process vast amounts of data quickly, the risk of data breaches and leaks has grown exponentially. In this context, Data Loss Prevention (DLP) has (re)emerged as a critical component for IT professionals seeking to safeguard sensitive information.