Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Rest-client is one of the most popular RubyGems, with a simple DSL that allows sending HTTP requests. Lightweight, versatile, developed by famous Rubyists…with all these attributes, this gem is a very shiny and attractive target for malicious actors. All they need is a good method of attack. An attempt made today tried to leverage typosquatting by adding malicious code to rest_client, but it didn’t quite ace the assignment.

SocGholish, also known as FakeUpdate, is a JavaScript framework leveraged in social engineering drive by compromises that has been a thorn in cybersecurity professionals’ and organizations’ sides for at least 5 years now. Upon visiting a compromised website, users are redirected to a page for a browser update and a zip archive file containing a malicious JavaScript file is downloaded and unfortunately often opened and executed by the fooled end user.

Europe’s new Digital Identity wallet offers inhabitants and companies a digital ID they can rely on, it acts as a tool which not only verifies and stores ID data but also enhances the application of the data for ease of use. The European Digital Identity will be held in a mobile phone wallet. This would make it easier to communicate important information in a timely and user-friendly manner at the discretion of the individual.

Meet Guacamaya – a hacktivist group advocating for the indigenous people of Central America

TIBER-EU is the European framework for threat intelligence-based ethical red-teaming and the first EU-wide guide on how authorities, threat intelligence and red-team providers should collaborate with different organizations to help improve their cyber resilience. Thanks to its threat intelligence offering, Outpost24 is well-positioned to create attack scenarios in line with the TIBER-EU framework.

For most modern businesses, there’s a divide between Information Technology (IT) and Operational Technology (OT). The difference between these equally integral facets of digital manufacturing is a subject currently under debate. Ultimately, information technology deals with information and data. In contrast, operational technology handles the physical processes necessary to use that information.

Asset discovery is the ability to provide visibility of all devices located within an organization with limited or no human interaction. Most organizations often attempt to manually create a list of their assets in a shared document, such as a spreadsheet, or a small database, making changes whenever a new device is either added or removed. This process is deceptively manageable when organizations are relatively small and not that complex.