For both white-hat and black-hat operators, the infamous “RockYou” lists have been a staple of the cyber-security landscape for well over a decade. They are lists of passwords, compiled and repeatedly expanded upon with data leaked over the years to form, in its most recent iteration, a list of approximately 10 billion plain-text passwords.

For threat actors, the Telegram app, which emphasizes user privacy, has become a favored hangout. As Dark Reading notes, “The cybercrime ecosystem now not only includes private communications platforms like I2P and Tor but also reaches across clear websites and Telegram channels.” Likewise, the U.S.

A high-severity remote code execution (RCE) vulnerability, CVE-2024-6387, has been discovered in OpenSSH’s server by the Qualys research team. This vulnerability is particularly concerning as it revives an issue that was previously addressed in 2006, highlighting the persistence of hidden bugs in widely used secure software. This discovery follows another significant vulnerability in the XZ Utils library found just a few months ago, underscoring ongoing security challenges.

Remcos is a form of malware presented as legitimate software, purportedly useful for conducting surveillance and performing penetration tests. It functions as an advanced Remote Access Trojan (RAT), enabling complete monitoring and manipulation of Windows computers from XP onwards.

61% of organizations have seen deepfake incidents increase in the past year – with 75% of these attacks impersonating the CEO or another C-suite executive, according to a recent report by Deep Instinct. Moreover, 97% are concerned they will suffer a security incident as a result of adversarial AI.

When it comes to SaaS operation, the ability to respond swiftly to technical glitches and potential failures can mean the difference between a minor hiccup and a full-blown crisis. At Cyberint, we’re always on the lookout for out-of-the-box solutions to enhance our operational efficiency and ensure the highest level of service reliability.

The UEFA League, alternatively known as Euro 2024, has officially started, marking a thrilling period for football fans worldwide. The unmatched enthusiasm for watching the matches, whether through digital screens or by experiencing the live vibe in the stadiums, has filled the air. However, this surge in excitement isn’t solely confined to sports fans but has also caught the attention of threat actors.

One of the catchphrases of modern parenting is “little kids, little problems; big kids, big problems” – meaning that as kids grow, the scope of the challenges they face also typically intensifies. You could make a similar statement about cyber risk for financial institutions: Small companies tend to face smallish cybersecurity risks, while larger financial services businesses face bigger threats.

As the fourth-largest economy worldwide, Japan stands as a pivotal center for various cutting-edge industries. This includes automotive, manufacturing, finance, and telecommunications, rendering its attack surface a prime target for cyber adversaries. Japan’s Western alliances and its territorial dispute with Russia, alongside support for Ukraine, heighten its cyber threat profile from state actors like China, Russia, and North Korea.

If you’ve paid attention to recent cybersecurity trends, you know that monitoring your supply chain is important due to the surge in supply chain attacks. But who, exactly, is responsible for that monitoring? Traditionally, the answer has been GRC (Governance, Risk and Compliance) teams, who monitor supply chains to help protect organizations against third-party risks.