The cybercriminal threat actor FIN7 is launching spear phishing attacks against the automotive industry in the United States, according to researchers at BlackBerry. The threat actor identifies IT employees at automotive companies and attempts to trick them into downloading a Trojanized version of a free IP scanning tool. FIN7 is a Russia-based financially motivated threat actor that carries out a variety of cybercrime activities, including ransomware attacks.

Learn about careers with us and search open job opportunities here. In Q4 2023, Kroll identified an uptick in engagements involving Akira ransomware, a trend that has continued into 2024. Kroll observed that in the majority of cases, initial activity could be tracked back to a Cisco ASA VPN service.

When you set up a new project on GitHub, the initial steps lay the groundwork for its future development, collaboration, and maintenance. It’s like laying down the first stone of a building. We have prepared a concise guide for starting your project effectively.

Endpoint detection and response (EDR) solutions have become a key component of many enterprise endpoint security strategies, resulting in a forecasted market value close to $17 billion by 2030. This is due in no small part to the increase in remote work following the COVID-19 pandemic, the resulting bring-your-own-device (BYOD) trend in which employees use personal devices for work-related activities, and the constant evolution of cyber threats.

Phishing isn’t what it used to be. Older, popular scams — like grammatically incorrect love letters and mysterious princes who just need a little money — have given way to sophisticated and dangerous social engineering attacks. In fact, phishing has become so prevalent and effective that it is one of the three primary ways hackers compromise credentials.

Clients often conflate Offensive Security with penetration testing, yet they serve distinct purposes within cybersecurity. Offensive Security is a broad term encompassing strategies to protect against cyber threats, while penetration testing is a specific activity where security teams test system vulnerabilities. At its essence, Offensive Security isn't just about reacting to vulnerabilities; it's about actively hunting down and neutralizing potential threats before they wreak havoc.

In the ever-evolving landscape of cybersecurity threats, the recent breach by the notorious hacker group R00TK1T serves as a stark reminder of the vulnerabilities faced by even the most established organizations. As the Foresight Threat Team delves into the details of this alarming incident, it becomes imperative to shed light on the implications and lessons to be learned from this breach.

The following is adapted from a conversation between Torq and Robbie Jakob-Whitworth, Cybersecurity Solutions Architect at Next DLP. Next DLP is a leading provider of insider risk and data protection solutions. Read on to learn how Robbie has used Torq Hyperautomation to automate alerts and reduce alert fatigue within his organization.

It’s been reported that police have apprehended 37 individuals globally, alleged to have used a technology platform facilitating fraudulent activity through deceptive text messages aimed at defrauding unsuspecting victims. Law enforcement agencies focused their efforts on dismantling the operations of LabHost, the platform used by criminals to send these messages and lure victims to fake websites masquerading as legitimate online payment or shopping services.