A new destructive malware called WhisperGate was discovered in mid-January 2022 targeting Ukrainian organizations. This threat emerged during geopolitical conflicts in Ukraine, masquerading as ransomware. However, this malware has a more destructive nature: wiping files and corrupting disks to prevent the OS from loading. Ukraine has suffered other cyberattacks that seem to be connected to WhisperGate, such as the defacement of many websites connected to their governments.

Jitsuin met Meterian in the NCSC Cyber Runway Accelerator launched in November 2021. What we quickly realized is that automated generation and permissioned sharing of SBOMs would save valuable time in vulnerability discovery and mitigation. So we moved fast to fix things! The integration between Meterian’s Boost Open-Source Software Scanner (BOSS) and Jitsuin’s RKVST SBOM Hub enables software publishers to automatically generate, store and distribute SBOMs in public or private.

The discipline of threat intelligence began to be incorporated in cyber defense processes within private sector companies nearly a decade ago. Over the past few years, more and more organizations began to establish their own threat intelligence operations, building Security Operations Centers (SOCs), incident response (IR) capabilities and threat intelligence teams.

Over the past months, Cyberint Research Team observed a new group that emerged on several underground forums. What seemed to be “yet another info stealer seller” has turned out to be something far more interesting. As the group is named Jester Stealer, that were, at first, selling a fairly sophisticated info stealer (Figure 1). Other evidence suggests that there is much more to it. Cyberint Research Team discovered a developing threat group that gets their claws into whatever they can find.

The growing wave of cybercrime targets businesses in every industry, and law firms are no exception. With many unique cybersecurity risks, law firms are more onerous to secure than other organizations. In addition to having to fend off threats from cybercriminals, they must also overcome the threat posed by hacktivists and nation-states. Law firms are especially attractive to bad actors because attorneys need access to highly sensitive data to provide legal services.

Today's threat actors are well-organized, highly skilled, motivated, and focused on their targets. These adversaries could be lurking on your network or threatening to break into it, using increasingly sophisticated methods to reach their goal. Simply put, there's often no need for adversaries to deploy malware at the early stages of the attack.

Regardless of the industry or organization, corporate email is the main cause of unauthorized and accidental data leaks. Employees are constantly sending emails to external parties that may contain sensitive company data, personally identifiable information (PII), trade secrets and other intellectual property.

The number of U.S. data breaches reported in 2021 increased dramatically over the preceding year. As reported by the Identity Theft Resource Center (ITRC), there were 1,291 data breaches between January 1, 2021 and September 30, 2021. The volume beat out the 1,108 breaches detected over the course of Full Year (FY) 2020. It’s therefore not surprising that data compromises year-to-date (YTD) was up 27% last year compared to FY 2020.

Sysdig today announced that it has achieved Amazon Web Services (AWS) Security Competency status. This crucial designation recognizes the value provided by the Sysdig Secure DevOps Platform to AWS customers to achieve their container and cloud security goals. As a key partner for the ecosystem, Sysdig collaborates closely with AWS and its customers to enhance the protection of cloud infrastructure and applications against continuously evolving security threats.