Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Hunt of the Month: Detecting AsyncRAT Malware Over HTTPS

Malware often hides communications with its command and control (C2) server over HTTPS. The encryption in HTTPS usually conceals the compromise long enough for the malware to accomplish its goal. This makes detecting malware that uses HTTPS challenging, but once in a while, you will catch a break, as in the case here with AsyncRAT, a Windows remote access tool that has been deployed over the past year to target organizations that manage critical infrastructure in the United States.

The Mega Impact of AI-Driven Disinformation Campaigns

The amount of money to run an AI-based disinformation campaign is minuscule compared to the influence the campaign can have on society. As I noted in my recent SecurityWeek piece “Preparing Society for AI-Based Disinformation Campaigns in the 2024 US Elections”, there are four common steps in these efforts: Reconnaissance, content creation, amplification and actualization.

From Brackets to Breaches: Securing Your Network Against March Madness Scams

As March Madness sweeps across the nation, the excitement and frenzy associated with the NCAA Basketball Tournament also ushers in a season ripe for cyber threats. This annual college basketball tournament, beloved by millions, creates a unique environment that cybercriminals exploit to launch sophisticated social engineering attacks.

Choosing the Perfect Service for Your Needs [IPTV Essentials]

The digital entertainment world is always changing. Internet Protocol Television (IPTV) has completely revolutionized it. Selecting the right IPTV service from the multitude of options can be overwhelming. This guide explains the basics of IPTV. It gives you important information to help you make a smart choice. So, read on!

The Crucial Role of Network Policies and Encryption in Securing Kubernetes Workloads

Ensuring the security of containerized workloads has become a top priority given the accelerated adoption of managed Kubernetes services. The complexity of hosting these workloads securely in the cloud necessitates a comprehensive array of security measures. Among these, network policies and encryption stand out as indispensable prerequisites for safeguarding sensitive workloads in a shared, multi-tenant environment.

Coralogix Alarms: Faster than WAF IP Detection and Remediation

There is one area of technology that requires the fastest possible response time, where every second has potentially enormous implications – security. Coralogix fits the security use cases elegantly for a simple reason. It’s very, very fast. Coralogix alarms fire faster than any of our competitors. When benchmarking our closest competition, whose alarms responded in around 2-4 minutes, we left them behind with a median trigger time of 10 seconds across log alerts.

Why misconfigurations continue to plague public cloud network services and how to avoid them?

Oren Amiram, Director of Product at AlgoSec, explains why misconfigurations continue to plague public cloud network services and how organizations can address these shortfalls with AlgoSec Cloud. Cloud security as a strategy is constantly evolving to meet the needs of organizations for scale, agility, and security. If your organization is weighing the merits of the use of public cloud versus private cloud, here are a few facts to keep in mind. Data shows that the public cloud is the preferred choice.

Password Spraying Activity Targeting Various VPN Appliances, Firewalls, and Other Public Web-Based Applications

Arctic Wolf has recently observed an uptick in detected password spraying for multiple Firewall and VPN appliances. This activity began on February 28, 2024. A variety of products are affected by this activity, including but not limited to devices from vendors such as Cisco, Palo Alto Networks, and WatchGuard. Further investigation revealed that authentication against web-based applications in general was being targeted as opposed to a selection of firewall vendors.