Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Impersonation has thousands of years of history. When we think of impersonating something or someone, at first glance, the intent is typically the act of deceiving someone. Identity and online impersonation are malicious intent crimes that have been around for decades. With new technologies and platforms, criminals find plenty of new victims and hunting grounds. Online impersonation and identity theft are somewhat similar in the type of crimes.

It seems that once again bad actors have found a new way to infect our devices with malware. This time, they are using a devious little trick to spread trojanized versions of popular chat apps Telegram and WhatsApp. Now, I am sure you are all familiar with these apps – they are hugely popular for communication and messaging, with millions of users around the world. And unfortunately, that is exactly what makes them such an attractive target for cybercriminals.

API keys are unique identifiers that enable developers to access and interact with an application's data and services. They act as a bridge between applications, allowing them to share data and functionality. In today's digital world, API keys are increasingly important as they facilitate seamless communication between various applications and services.

Imagine you've alerted your IT team to a critical infrastructure error plaguing your network. You ask them to drop their current work and focus on immediate remediation of this detected vulnerability. After further investigation, however, it is found to be a false positive. Unfortunately, these incidents are commonplace – and they cost your organization valuable time and manpower. More worrying, they distract from legitimate security issues.

In January 2023, PrivateLoader, a malware loader from a pay-per-install malware distribution service called “ruzki”, started to distribute Tofsee (a.k.a. Gheg), a modular spambot. Spambots are typically utilized by cybercriminals to spread malware and phishing emails, and this particular one has been in operation since at least 2008.

Ferrari’s woes seem to be continuing from F1 tracks to their data. And surprisingly, ransomware today encrypts files as fast as a Ferrari V8 goes from 0 to 60 mph. The current ransomware attack means cybercriminals now have access to confidential client data. Remarkably, this isn’t the first time Ferrari has been the victim of a ransomware attack; in October of last year, critical documents belonging to the brand were leaked online.

Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. This week, to mark the upcoming World Backup Day, we explore the concepts of data decay and the digital dark age. Data is often equated with oil and gold because of how valuable it can be. On the personal front, it comprises anything from digital copies of official documentation to precious memories.

Keeper’s Enterprise Password Manager is the only solution that uses Elliptic Curve Cryptography (ECC) in its encryption, making it the most secure password management solution available. ECC is a public-key cryptography method based on the mathematics of elliptic curves. First proposed in 1985, it recently rose to prominence with modern cryptography as it provides a higher level of security compared to traditional encryption methods, such as RSA.

ChatGPT, the public generative AI that came out in late November 2022, has raised legitimate concerns about its potential to amplify the severity and complexity of cyberthreats. In fact, as soon as OpenAI announced its release many security experts predicted that it would only be a matter of time before attackers started using this AI chatbot to craft malware or even augment phishing attacks.