SocGholish, also known as FakeUpdate, is a JavaScript framework leveraged in social engineering drive by compromises that has been a thorn in cybersecurity professionals’ and organizations’ sides for at least 5 years now. Upon visiting a compromised website, users are redirected to a page for a browser update and a zip archive file containing a malicious JavaScript file is downloaded and unfortunately often opened and executed by the fooled end user.

Europe’s new Digital Identity wallet offers inhabitants and companies a digital ID they can rely on, it acts as a tool which not only verifies and stores ID data but also enhances the application of the data for ease of use. The European Digital Identity will be held in a mobile phone wallet. This would make it easier to communicate important information in a timely and user-friendly manner at the discretion of the individual.

Meet Guacamaya – a hacktivist group advocating for the indigenous people of Central America

TIBER-EU is the European framework for threat intelligence-based ethical red-teaming and the first EU-wide guide on how authorities, threat intelligence and red-team providers should collaborate with different organizations to help improve their cyber resilience. Thanks to its threat intelligence offering, Outpost24 is well-positioned to create attack scenarios in line with the TIBER-EU framework.

For most modern businesses, there’s a divide between Information Technology (IT) and Operational Technology (OT). The difference between these equally integral facets of digital manufacturing is a subject currently under debate. Ultimately, information technology deals with information and data. In contrast, operational technology handles the physical processes necessary to use that information.

Asset discovery is the ability to provide visibility of all devices located within an organization with limited or no human interaction. Most organizations often attempt to manually create a list of their assets in a shared document, such as a spreadsheet, or a small database, making changes whenever a new device is either added or removed. This process is deceptively manageable when organizations are relatively small and not that complex.

October is Cyber Security Awareness Month, and it’s more important than ever for businesses to take steps to protect their data. In this blog post, we’ll cover the basics of cyber security and why it’s so important for your business. We’ll also provide some tips on how you can get started with cyber security awareness month.

Aaron Cooper is the Security Operations Manager at TripActions with 20+ years of experience working in a variety of enterprise infrastructures. He specializes in managing and designing secure network environments to meet the needs of financial and corporate customers, managing security operations centers, and designing and implementing highly secure and available data networks while maintaining HIPAA, SOX, and PCI compliance.

With most of us working from anywhere, smartphones and tablets have become a big part of how we stay productive. At the same time, the average cost of data breaches continues to rise, averaging $4.35 million in 2022. While there are numerous threat vectors organizations have to juggle, this got me thinking about how applications and device vulnerabilities are currently managed.

The fourth annual Devo SOC Performance ReportTM shows security professionals believe the SOC is significant to their organization’s cybersecurity strategy. As noted in our last blog, 77% of respondents say their SOC is “very important” or “essential” to their organization. But there’s pain behind the scenes as well. The report notes the majority of security professionals are feeling overwhelmed due to too much work and not enough resources.