Attackers continue to exploit URL rewriting to hide their phishing links from email security filters, according to researchers at Abnormal Security. URL rewriting is a security technique used by many email security platforms to analyze links in emails to verify their safety before users are allowed to click on them. However, this technique can also be abused to mask the original phishing link.

In the ever-evolving landscape of cybersecurity threats, the DragonForce ransomware group has quickly become a serious menace to organizations worldwide. First discovered in August 2023, DragonForce has made headlines by leveraging two powerful ransomware variants—a fork of the infamous LockBit3.0 and a modified version of ContiV3.

Dynamic Application Security Testing (DAST), sometimes referred to as “pentesting in a box”, tests running code for a variety of issues that can’t easily be found by analyzing code with static scanning tools. DAST tools are platform and language agnostic—as long as you have a website or API they can connect to, they’ll get the job done, and find real vulnerabilities in the same places an attacker would.

We are excited to announce that Jonathan Freedman has joined The Cyber Helpline as our new Head of Information Security. With over two decades of experience in Information Technology, Enterprise Architecture, and Cybersecurity, Jonathan is dedicated to safeguarding the digital landscape. He currently serves as the Head of Information Security at London law firm Howard Kennedy, where he leads the Cybersecurity Team.

You may have noticed the buzz, but we just can’t stop talking about our latest product, Workbench! Workbench is a familiar way to interact with your data and take action in real-time when and how you direct it. Be sure to check out our available resources and try it out for yourself!

For most companies today, the question isn’t whether a data breach will occur, but rather when it will occur. This predicament is primarily due to the sheer volume of data, the challenges associated with monitoring sensitive data, and the transition to remote work. Consequently, IT security teams are constantly navigating a dynamic and enduring risk landscape, making it exceptionally challenging to maintain data security and implement effective sensitive data protection strategies.

Supply chain detection and response (SCDR) is a solution for supply chain incident responders that drives critical issue identification, vendor responsiveness, and time to incident resolution. SCDR solutions provide risk intelligence, AI-driven workflows, and collaboration capabilities to improve the security posture of your organization and your suppliers.

On April 12, 2024, Palo Alto Networks published a security advisory detailing an actively exploited maximum severity zero-day vulnerability affecting the GlobalProtect feature of PAN-OS. Dubbed CVE-2024-3400, it was assigned the maximum critical severity score of 10.0 through the Common Vulnerability Scoring System (CVSS), meaning the potential for damage was large and the path to exploit was easy for cybercriminals.

You can prevent Man-in-the-Middle (MITM) attacks in your organization by investing in a password manager, using a VPN, monitoring your network and training employees on security best practices. MITM attacks occur when a cybercriminal intercepts private data sent between two businesses or individuals to steal or alter the data with malicious intent.