Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Today, cybersecurity companies are in a never-ending race against cyber criminals, each seeking innovative new tactics to outpace the other. The newfound accessibility of generative artificial intelligence (gen AI) has revolutionized how people work, but it's also made threat actors more efficient. Attackers can now quickly create phishing messages or automate vulnerability discoveries.

In the digital realm, email communication has become the standard form of communication in our personal, work, and education. Due to the information we consistently send via email, they could easily fall into the wrong hands if left unprotected, bringing about dire consequences such as identity theft and financial losses. To avoid such nightmares, you can use a temporary email to keep your email safe from spam or an encrypted email to protect the contents of the emails you send.

Network engineers and security analysts have a lot in common. Both require the ability to not only understand the problems at hand but to ascertain the moments leading to them. A typical scenario would include a request to help with a problem a customer has been experiencing. The person you are trying to assist is probably a member of the IT team in the organisation. During these situations, we must engage our highest analytical skills.

Rhysida is a Windows-based ransomware operation that has come to prominence since May 2023, after being linked to a series of high profile cyber attacks in Western Europe, North and South America, and Australia. The group appears to have links to the notorious Vice Society ransomware gang.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. Oh dear, a major leak of personal information that they didn’t know about…

CrowdStrike Counter Adversary Operations is committed to analyzing active exploitation campaigns and detecting and blocking zero-days to protect our customers. In July 2023, the CrowdStrike Falcon® Complete managed detection and response (MDR) team discovered an unknown exploit kit leveraging a still-unknown vulnerability affecting the Windows Error Reporting (WER) component.

How do I keep my Kubernetes cluster secure? I do it with the open-source tool Kubescape – a popular CNCF security tool for Kubernetes. In this video, I go over how you can get started with Kubescape as well as the SaaS platform ARMO.

AdLoad malware is still infecting Mac systems years after its first appearance in 2017. AdLoad, a package bundler, has been observed delivering a wide range of payloads throughout its existence. During AT&T Alien Labs’ investigation of its most recent payload, it was discovered that the most common component dropped by AdLoad during the past year has been a proxy application turning MacOS AdLoad victims into a giant, residential proxy botnet.

At Black Hat USA 2023, a session led by a team of security researchers, including Fredrik Heiding, Bruce Schneier, Arun Vishwanath, and Jeremy Bernstein, unveiled an intriguing experiment. They tested large language models (LLMs) to see how they performed in both writing convincing phishing emails and detecting them. This is the PDF technical paper.

Ali Solehdin – The Banking Exchange In 2022 alone, the Supplemental Nutrition Assistance Program (SNAP) distributed over $113.9 billion to nearly 22 million households across the United States. This figure represents an increase of over $5 billion from the year prior and nearly a $40 billion increase from 2020. Unfortunately, as the SNAP allocation has increased, criminals — from individuals to organized crime rings — have stolen an increasing share of these benefits.