Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

GitGuardian Honeytokens are potent tools in the cybersecurity toolkit, notifying you of any unauthorized activities in code repos, Jira, Slack, Linear, and more.

The landscape of cybercrime continues to evolve, and cybercriminals are constantly seeking new methods to compromise software projects and systems. In a disconcerting development, cybercriminals are now capitalizing on AI-generated unpublished package names also known as “AI-Hallucinated packages” to publish malicious packages under commonly hallucinated package names.

Artificial intelligence (AI) has generated significant hype in recent years, and separating the promise from reality can be challenging. However, at Torq, AI is not just a concept. It is a reality that is revolutionizing the SOC field, specifically in the area of Tier-1 security analysis, especially as cybercriminals become more sophisticated in their tactics and techniques. Traditional security tools continue to fall short in detecting and mitigating these attacks effectively, particularly at scale.

Despite being the second-largest internet market in the world, India has yet to pass a comprehensive data privacy bill. It is important to have policies and regulations in place to protect them and their right to data privacy—a right that India’s Supreme Court recognized in 2017. Since then, the country’s government has been working towards passing a bill that codifies the rights of individuals to data privacy and protection.

Cyber Threat Intelligence (CTI), or threat intelligence, is evidence-based knowledge established from current cyber threats, gathered from myriad sources to identify existing or potential attacks. Threat intelligence assists in identifying the motives, targets, and attack behaviors of a threat actor and implementing strong defenses from future attacks. According to IBM’s Cost of a Data Breach 2022 report, the average data breach costs its victims $4.35 million.

Most small and midsized businesses trust an IT services partner to help them secure their networks. A few years ago, high-profile cyberattacks targeting MSP vendors Kaseya and SolarWinds thrust the security risk of relying on a complex chain of vendors into the technology media and moved the Department of Homeland Security to issue a statement about the need for greater security in the IT services industry.

The impacts of account takeover fraud are genuine. According to the Javelin 2022 Identity Fraud Study, 22% of U.S. adults have been victims of account takeover attacks. This type of fraud can have devastating financial and personal consequences when criminals gain access to accounts and exploit them for theft and abuse. Understanding account takeover and how it happens enables individuals and businesses to better detect and prevent these schemes.

PokerStars is one of the largest online poker rooms in the world and has millions of registered customers that use the platform to play remotely with others from different areas of the world. The company is well-known for providing poker and other card-game services and is part of a larger gambling network with more organizations. The company houses data for millions of users that access the platform, and some of that data was just accessed in a recent breach.

A wise person once said that you should use the lookup command before you go threat hunting. Or, as I hear it in my head, “Look it up before you go-go…hunting”, a la WHAM!:   In this must-read tutorial for hunting in Splunk, we’re looking at the lookup command, including what it does and how and where to use it for threat hunting. Let’s get started! (This article is part of our Threat Hunting with Splunk series. We’ve updated it recently to maximize your value.)

For threat actors looking to create widespread damage, attacking a third-party supplier with services and software that organizations can’t always control the security measures for continues to be an enticing target. The supply chain is now the weakest link.