HUNTUBS Ransomware Attack on Tata Technologies: A Major Cybersecurity Breach

Cybersecurity incidents continue to make headlines, with the latest victim being Tata Technologies, a leading global engineering and technology services company. The HUNTUBS ransomware group has claimed responsibility for a major attack, leaking sensitive corporate data. The incident, which resulted in the theft of 1.4 TB of confidential data, has raised concerns about cybersecurity resilience among major enterprises.

How AI is Transforming Cyber Attacks

Since its introduction into cybersecurity in the late 1980s as a tool for detecting unusual activity, artificial intelligence (AI) has grown in popularity and functionality, with a major surge of adoption happening in the past few years, thanks to its growing ability to perform tasks faster and more accurately than humans. However, AI has never operated in isolation; it has always relied on human input. And any advanced technology that requires human input can be used for both good and bad.

Prevent, Detect, Contain: LevelBlue MDR's Guide Against Black Basta Affiliates' Attacks

Between December 2024 and February 2025, the LevelBlue MDR team saw over a dozen attempts and a handful of successful intrusions by threat actors (TAs). Internally, we broadly attribute these attacks to the Black Basta ransomware gang. As outlined by other cybersecurity researchers’ reporting of similar tactics, techniques, and procedures (TTPs) observed, there is a high probability that this activity is from affiliate groups or initial access brokers.

How Three Industry Leaders Are Stopping Identity-Based Attacks with CrowdStrike

The CrowdStrike 2025 Global Threat Report highlights the ongoing threat of identity-based attacks. Adversaries are increasingly exploiting stolen credentials to evade detection, and 79% of detections overall were classified as malware-free. Valid account abuse became the primary initial access method in 35% of cloud intrusions. The report also shares that access broker advertisements rose by 50% year-over-year, indicating a rise in demand for valid credentials and other forms of access.

Lazarus Group Targets Developers Through NPM Packages and Supply Chain Attacks

North Korea’s Lazarus Group is evolving its tactics again. The latest campaign, dubbed Operation Marstech Mayhem, introduces an advanced implant named “Marstech1.” This malware is designed to compromise software developers and cryptocurrency wallets through manipulated open-source repositories. Unlike previous Lazarus operations, this campaign employs obfuscation techniques that make detection significantly harder.

SquareX Unveils Polymorphic Extensions that Morph Infostealers into Any Browser Extension - Password Managers, Wallets at Risk

With recent attack disclosures like Browser Syncjacking and extension infostealers, browser extensions have become a primary security concern at many organizations. SquareX's research team discovers a new class of malicious extensions that can impersonate any extension installed on the victim's browser, including password managers and crypto wallets.

Inside a Cyberattack: How Hackers Steal Data

The truth about cybersecurity is that it's almost impossible to keep hackers outside of an organisation, particularly as the cybercrime industry becomes increasingly sophisticated and its technology more advanced. Furthermore, once a hacker has broken through an organisation's defences, it is relatively easy to move within the network and access information without being detected for days and even months. This is a significant concern for Banking and Financial Services organisations, which house valuable sensitive and Personally Identifiable Information (PII).

Detecting and Controlling Hidden DNS Tunnel Attacks

DNS is the backbone of the internet, translating domain names into IP addresses to facilitate communication between devices. However, cybercriminals exploit DNS to create covert channels for data exfiltration and command-and-control (C2) operations using DNS tunneling. This technique allows attackers to bypass security measures by disguising malicious traffic as legitimate DNS queries. As DNS-based attacks continue to rise, securing DNS traffic has become a priority for organizations worldwide.

Intelligence-Led Threat Hunting: The Key to Fighting Cross-Domain Attacks

Cross-domain attacks have become a defining challenge in modern cybersecurity, with adversaries exploiting gaps across endpoints, identity systems, and cloud environments to achieve their objectives. These sophisticated attacks use stealthy, malware-free techniques and legitimate tools, making them exceptionally difficult to detect and disrupt.