Latest News

On The Hunt for Hunters Ransomware: Origins, Victimology and TTPs

Aug 20, 2024 By Adi Bleih In Cyberint

Amid the disruption of the Hive ransomware group by law enforcement agencies, Hunters International emerged onto the cyber scene in Q3 of 2023, displaying notable technical similarities with Hive, hinting at an evolutionary progression or branch-off from the dismantled group. This transition underscores the adaptive nature of cybercriminal networks, persisting in their illicit activities despite law enforcement actions.

Read Post

Cyberint

Read more about On The Hunt for Hunters Ransomware: Origins, Victimology and TTPs

Malvertising on Google Ads: It's hiding in plain site

Aug 20, 2024 By Kenny Najarro In 1Password

Look closer before clicking that link at the top of your search results.

Read Post

1Password

Read more about Malvertising on Google Ads: It's hiding in plain site

Should small businesses worry about the NIS2 Directive in Europe?

Aug 20, 2024 By Avast Business Team In Avast

The EU tightens cybersecurity requirements for critical infrastructure and services with the new NIS2 Directive – what does this mean for small businesses?

Read Post

Avast

Read more about Should small businesses worry about the NIS2 Directive in Europe?

From MLOps to MLOops: Exposing the Attack Surface of Machine Learning Platforms

Aug 20, 2024 By Ori Hollander In JFrog

NOTE: This research was recently presented at Black Hat USA 2024, under the title “From MLOps to MLOops – Exposing the Attack Surface of Machine Learning Platforms”. The JFrog Security Research team recently dedicated its efforts to exploring the various attacks that could be mounted on open source machine learning (MLOps) platforms used inside organizational networks.

Read Post

JFrog

Read more about From MLOps to MLOops: Exposing the Attack Surface of Machine Learning Platforms

Your Guide to Identity Governance and Administration (IGA)

Aug 20, 2024 By Tyler Reese In Netwrix

This article explains what IGA is and the benefits it offers. It also clears up some misconceptions about IGA and offers guidance about what to look for when assessing candidate IGA solutions.

Read Post

Netwrix

Read more about Your Guide to Identity Governance and Administration (IGA)

What Is Data Loss Prevention?

Aug 20, 2024 By Chris Roney In Netwrix

Every organization faces data security threats, which become more complex when integrating technologies like cloud computing or hybrid working options. That’s why it is critical to implement robust data protection to safeguard critical assets such as intellectual property, personally identifiable information, and sensitive financial data. This challenge is further augmented by the growing number of regulations imposed by governmental and industry bodies.

Read Post

Netwrix

Read more about What Is Data Loss Prevention?

Encryption at rest in Elastic Cloud: Bring your own key with Azure Key Vault

Aug 20, 2024 By Alex Chalkias, In Elastic

In the first blog in this series, we unpacked the foundational concepts of encryption at rest and introduced you to Elastic Cloud’s “bring your own key” (BYOK) feature, which allows you to do encryption at rest with encryption keys managed by the KMS service of your cloud provider. The second blog of this series dives into the technical nuances of implementing encryption at rest with AWS KMS keys.

Read Post

Elastic

Read more about Encryption at rest in Elastic Cloud: Bring your own key with Azure Key Vault

NIST's first post-quantum standards

Aug 20, 2024 By Luke Valenta In Cloudflare

On August 13th, 2024, the US National Institute of Standards and Technology (NIST) published the first three cryptographic standards designed to resist an attack from quantum computers: ML-KEM, ML-DSA, and SLH-DSA. This announcement marks a significant milestone for ensuring that today’s communications remain secure in a future world where large-scale quantum computers are a reality.

Read Post

Cloudflare

Read more about NIST's first post-quantum standards

The Role of ISO 27001 in Enhancing Information Security

Aug 20, 2024 By SecuritySenses In SecuritySenses

In today's digital age, information security is paramount for organizations of all sizes and industries. Protecting sensitive data from cyber threats, unauthorized access, and other vulnerabilities is a critical concern. One of the most effective frameworks for achieving robust information security is ISO 27001. This international standard provides a comprehensive approach to managing and safeguarding information assets. This article delves into the role of ISO 27001 in enhancing information security, exploring its key principles, benefits, and implementation strategies.

Read Post