Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Vulnerability management isn’t just about identifying weaknesses; it’s about effectively addressing them. How do you know if you’re on the right track? Are you effectively addressing vulnerabilities and minimizing risks? To answer these questions, you need more than just a list of potential metrics – you need clarity on what truly matters.

Malware often hides communications with its command and control (C2) server over HTTPS. The encryption in HTTPS usually conceals the compromise long enough for the malware to accomplish its goal. This makes detecting malware that uses HTTPS challenging, but once in a while, you will catch a break, as in the case here with AsyncRAT, a Windows remote access tool that has been deployed over the past year to target organizations that manage critical infrastructure in the United States.

The Keeper Security team is thrilled to announce an updated User Interface (UI) for the Admin Console that drastically improves the user experience to save admins time and enhance productivity. The UI has a modern design that cohesively follows the much-applauded enhancements to Keeper’s end-user vault, released in 2023. The new Admin Console also provides an embedded onboarding experience that streamlines and facilitates new user adoption and proactively spotlights beneficial features.

The amount of money to run an AI-based disinformation campaign is miniscule compared to the influence the campaign can have on society. As I noted in my recent SecurityWeek piece “Preparing Society for AI-Based Disinformation Campaigns in the 2024 US Elections”, there are four common steps in these efforts: Reconnaissance, content creation, amplification and actualization.

Any business or service provider looking to work with the federal government or one of its departments or agencies is going to need to comply with one of the security frameworks as appropriate for their role, usually something like CMMC, FedRAMP, or HITRUST. A key part of these security frameworks is verification and validation that security measures are in place and that continuous monitoring is effective.

Criminals have always been among the first to adopt the latest technology to benefit themselves financially. Famed bank robbers Bonnie and Clyde used high-powered V-8 engine-equipped Ford cars to outrun local police. Other gangs used the telephone to help coordinate their activities, and some realized they could gain an edge by outgunning security and police by toting Thomson submachine guns.

As March Madness sweeps across the nation, the excitement and frenzy associated with the NCAA Basketball Tournament also ushers in a season ripe for cyber threats. This annual college basketball tournament, beloved by millions, creates a unique environment that cybercriminals exploit to launch sophisticated social engineering attacks.

Artificial intelligence (AI) has become one of the most transformative forces of our time. From the mundane tasks of everyday life to the complexities of global industries, artificial intelligence continues to permeate every aspect of society, reshaping how we live, work, and interact. The growing importance of AI is not just a trend but a fundamental shift in the way we perceive and leverage technology. This is particularly true in the cybersecurity industry.

Devices are the gateways to our work, and IT professionals understand the importance of managing and securing endpoints as part of a holistic identity and access management (IAM) strategy. Yet, it’s impossible to control what you aren’t aware of. Shadow IT, the unauthorized use of devices, apps, and services that people use to perform their jobs, can bypass even the best security programs.

Criminals have historically been quick to embrace cutting-edge technology for their financial gain. For instance, the notorious bank robbers Bonnie and Clyde utilized high-powered V-8 engine-equipped Ford cars to outpace local law enforcement. Other criminal groups leveraged telephones to coordinate their activities, while some recognized the advantage of wielding Thomson submachine guns to outgun security personnel and police.