On February 2nd, 2024, AnyDesk disclosed that their production systems had been compromised and that private code signing keys and source code were stolen, while an unknown number of user accounts had their passwords reset. This is a significant concern, as it would allow a malicious attacker to generate malicious versions of AnyDesk software with compromised code that appears to be legitimate. It is assessed that approximately 18,000 credentials are available for sale on the Dark Web as a result.

Criminal threat actors are increasingly utilizing generative AI tools like ChatGPT to launch social engineering attacks, according to researchers at Check Point. “Malicious spam is one of the oldest illicit services found on underground cybercrime forums,” the researchers write. “Spam is the most common initial vector for various attack scenario objectives such as phishing and credential harvesting, malware distribution, scams/fraud, etc.

Organizations are increasingly facing cyber attacks resulting in data breaches, and part of their post-incident responsibilities includes adhering to mandatory reporting requirements. Notably, the infamous BlackCat ransomware group has been exploiting these requirements for their benefit. They apply pressure on victims by threatening to inform the Securities and Exchange Commission (SEC) about the company's supposed failure to report significant data breaches.

To use a passkey on an online account or application, you first need to generate the passkey using your device or password manager. Once your passkey is generated, you can use it to sign in to the online account or application it’s for without having to enter a password. Continue reading to learn more about how to start using passkeys and why you should use them over passwords.

The launch of the Apple Vision Pro has brought a new era to computing along with an exciting and fresh approach to how people interact with technology and the world around them. Keeper® is excited to be a part of this by providing a seamless, secure and encrypted login experience through our Apple Vision Pro-compatible app.

Left to their own devices, your organization’s devices can be a significant source of risk. Consider operational technology (OT), which is crucial for organizations but is not engineered and operated with a security-first mindset. Often, OT systems are beyond the purview of CISOs and are focused on meeting key objectives for system uptime and efficiency – leaving them vulnerable.

In this episode of Trust Issues, the conversation revolves around the challenges and transformations in operational technology (OT) security. Guest Mike Holcomb, the Fellow of Cybersecurity and the ICS/OT Cybersecurity Lead at Fluor shares insights with host David Puner on securing legacy systems, the impact of generative AI – and the evolving threat landscape.

Des Moines Orthopaedic Surgeons, P.C. (DMOS) has three clinics throughout Iowa’s capital; they offer comprehensive solutions for ortho-care, from joints to extremities and MRI imaging to outpatient surgery. DMOS utilizes a variety of third-party vendors to serve their patients and the surrounding regions; almost a year ago, DMOS experienced a cybersecurity event through one of these vendors. The unauthorized actors broke into their system and compromised the information of 307,864 individuals.

In the intricate web of digital security threats, one particularly disruptive technique stands out: the Distributed Denial of Service (DDoS) attack. This form of cyber assault involves numerous compromised systems, often referred to as bots or zombies, which are used to overwhelm a target website with an avalanche of requests. The result? Legitimate users find themselves unable to access the site, leading to significant operational disruptions.

In 2023, Remote Access Trojans (RATs) and Trojan Stealers were some of the most prevalent types of malware in the cybersecurity landscape. RATs and Trojan Stealer malware represent significant cybersecurity threats, as they’re often employed to conduct espionage, surveillance, and data theft, which emphasizes the critical need for robust defenses.