Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Amid the disruption of the Hive ransomware group by law enforcement agencies, Hunters International emerged onto the cyber scene in Q3 of 2023, displaying notable technical similarities with Hive, hinting at an evolutionary progression or branch-off from the dismantled group. This transition underscores the adaptive nature of cybercriminal networks, persisting in their illicit activities despite law enforcement actions.

NOTE: This research was recently presented at Black Hat USA 2024, under the title “From MLOps to MLOops – Exposing the Attack Surface of Machine Learning Platforms”. The JFrog Security Research team recently dedicated its efforts to exploring the various attacks that could be mounted on open source machine learning (MLOps) platforms used inside organizational networks.

Welcome to the Threat Context monthly blog series where we provide a comprehensive roundup of the most relevant cybersecurity news and threat information from KrakenLabs, Outpost24’s cyber Threat Intelligence team. Here’s what you need to know from August.

The growing complexity of networks and connected devices makes implementing effective cybersecurity an increasingly complicated task. While businesses have shown more awareness of the need to elevate their security posture in recent years, several fundamental cyber hygiene issues still need to be addressed.

Enterprise browsers are built on a sensible idea, but how they work in practice can be another story.

Look closer before clicking that link at the top of your search results.

The EU tightens cybersecurity requirements for critical infrastructure and services with the new NIS2 Directive – what does this mean for small businesses?

Every organization faces data security threats, which become more complex when integrating technologies like cloud computing or hybrid working options. That’s why it is critical to implement robust data protection to safeguard critical assets such as intellectual property, personally identifiable information, and sensitive financial data. This challenge is further augmented by the growing number of regulations imposed by governmental and industry bodies.

This article explains what IGA is and the benefits it offers. It also clears up some misconceptions about IGA and offers guidance about what to look for when assessing candidate IGA solutions.

“Never trust; always verify.” That’s the philosophy that drives the Zero Trust model, and it represents a major shift from the previous motto: “Trust but verify.” As threat actors have become more sophisticated, organizations have shifted their security frameworks away from a network-centric model and toward an identity-first model. Zero Trust assumes that every attempt to access an organization’s digital assets is from a threat actor until it can be proven otherwise.