Top

Tag: Featured


Mobile, Wireless security

5G can reduce – but also create – security risk

November 23, 2022

Via: Help Net Security

As 5G connections are rapidly spreading, more and more questions and misconceptions are arising. What are the most common ones and how can they affect security teams? 5G is a comparatively new technology and many cybersecurity teams have not had […]


Cyber-crime, Malware

Researchers Warn of Cyber Criminals Using Go-based Aurora Stealer Malware

November 22, 2022

Via: The Hacker News

A nascent Go-based malware known as Aurora Stealer is being increasingly deployed as part of campaigns designed to steal sensitive information from compromised hosts. “These infection chains leveraged phishing pages impersonating download pages of legitimate software, including cryptocurrency wallets or […]


Cloud security, Security

Solvo Data Posture Manager protects organizations using public cloud services from data leakage and breaches

November 22, 2022

Via: Help Net Security

Solvo releases Data Posture Manager, its new cloud data and infrastructure management solution for public cloud users. Data Posture Manager delivers enhanced visibility into users and cloud components that have access to sensitive data, alerting organizations to excessive or newly-granted […]


Cyber-crime, Identity theft

Daixin Ransomware Gang Steals 5 Million AirAsia Passengers’ and Employees’ Data

November 21, 2022

Via: The Hacker News

The cybercrime group called Daixin Team has leaked sample data belonging to AirAsia, a Malaysian low-cost airline, on its data leak portal. The development comes a little over a week after the company fell victim to a ransomware attack on […]


Cyber-crime, Phishing

Luna Moth callback phishing campaign leverages extortion without malware

November 21, 2022

Via: CSO Online

Palo Alto’s Unit 42 has investigated several incidents linked to the Luna Moth group callback phishing extortion campaign targeting businesses in multiple sectors, including legal and retail. The analysis discovered that the threat actors behind the campaign leverage extortion without […]


Email security, Security

Abnormal Security Posture Management offers protection against email platform attacks

November 16, 2022

Via: Help Net Security

Abnormal Security has released Security Posture Management, its newest addition to the product portfolio as the company progresses toward delivering the cloud email security. The latest innovation protects customers from emerging email platform attacks that are increasing in volume and […]


Email security, Security

Top enterprise email threats and how to counter them

November 15, 2022

Via: Help Net Security

A research from Tessian, the State of Email Security Report, found that enterprise email is now the No. 1 threat vector for cyberattacks. According to the report, 94% of organizations experienced a spear phishing or impersonation attack, and 92% suffered […]


Threats & Malware, Vulnerabilities

Critical vulnerability in Spotify’s Backstage discovered, patched

November 15, 2022

Via: Help Net Security

A critical unauthenticated remote code execution vulnerability in Spotify’s Backstage project has been found and fixed, and developers are advised to take immediate action in their environments. What is Backstage? Having more than 19,000 stars on Github, Backstage is one […]


Cyber warfare, Cyber-crime

Russian hacktivists hit Ukrainian orgs with ransomware – but no ransom demands

November 14, 2022

Via: Help Net Security

The Ukrainian CERT (CERT-UA) has uncovered an attack campaign aimed at compromising Ukrainian organizations and irretrievably encrypting their files. To do that, they are leveraging a specific version of the Somnia ransomware that, “according to the attackers’ theoretical plan, does […]


Application security, Security

How Cisco keeps its APIs secure throughout the software development process

November 14, 2022

Via: CSO Online

Software developers know not to reinvent the wheel. So, they lean on reusable micro-services – and their corresponding application programming interfaces (APIs) – as building blocks for application components. “Developers want to focus on the added value they can bring […]


Network security, Security

EndaceFlow protects customers against network attacks

November 9, 2022

Via: Help Net Security

Endace has released EndaceFlow, a NetFlow Generator that promotes end-to-end visibility for cybersecurity and network performance monitoring. NetFlow offers a view of network traffic and other information, while continuous packet capture provides detail and granularity of that data. Together, the […]


Mobile, Mobile security

Malicious droppers on Google Play deliver banking malware to victims

November 8, 2022

Via: Help Net Security

Android users are often advised to get mobile apps from Google Play, the company’s official app marketplace, to minimize the possibility of downloading malware. After all, Google analyzes apps before allowing them on the market. Unfortunately, time after time, we […]


Cloud security, Security

Holm Security Cloud Scanning empowers users to detect vulnerabilities across all of their assets

November 8, 2022

Via: Help Net Security

Holm Security has given organizations the tools needed to lower the risk of malicious attacks in the cloud with the latest addition of Cloud Scanning to its Next-Gen Vulnerability Management Platform. While most cloud security programs focus mainly on external […]


Cyber warfare, Cyber-crime

Russian hackers to blame for approximately 75% of ransomware incidents in USA

November 7, 2022

Via: Panda Security

The U.S. Department of the Treasury (USDT) published a press release that includes the main findings of an analysis by the U.S. Treasury’s Financial Crimes Enforcement Network (FinCEN). The report confirms that the system supporting electronic filings of Bank Secrecy […]


Access control, Security

False sense of safety undermines good password hygiene

November 7, 2022

Via: Help Net Security

LastPass released findings from its fifth annual Psychology of Password report, which revealed even with cybersecurity education on the rise, password hygiene has not improved. Regardless of generational differences across Boomers, Millennials and Gen Z, the research shows a false […]


Cyber-crime, Identity theft

Group indicted for breaching CPA, tax preparation firms via stolen credentials

November 2, 2022

Via: Help Net Security

United States Attorney Roger B. Handberg announces the partial unsealing of an indictment charging eight individuals with Racketeer Influenced and Corrupt Organizations (RICO) conspiracy. Four have also been charged with wire fraud conspiracy and aggravated identity theft. If convicted, each […]


Cyber-crime, Phishing

Bed Bath & Beyond Investigating Data Breach After Employee Falls for Phishing Attack

November 1, 2022

Via: Security Week

Only few details have been shared by the retailer as the investigation is ongoing. The company explained that it became aware of unauthorized access to some data after an employee was targeted in a ‘phishing scam’ in October. The hacker […]


Application security, Security

Synack’s API pentesting capability empowers users to verify exploitable API vulnerabilities

November 1, 2022

Via: Help Net Security

Synack launched an API pentesting capability powered by its global community of elite security researchers. Organizations can now rely on the Synack platform for continuous pentesting coverage across “headless” API endpoints that lack a user interface and are increasingly exposed […]


Hacker, Threats & Malware

What Is a White Hat Hacker?

October 31, 2022

Via: Panda Security

The terms “hacking” and “hacker” are frequently associated with illegal activity, dangerous data breaches and stolen information. But have you ever heard of legal and ethical hacking? Yep, you heard that right. There’s a type of hacking no law enforcement […]


Mobile, Mobile security, Threats & Malware, Vulnerabilities

Samsung Galaxy Store Bug Could’ve Let Hackers Secretly Install Apps on Targeted Devices

October 31, 2022

Via: The Hacker News

A now-patched security flaw has been disclosed in the Galaxy Store app for Samsung devices that could potentially trigger remote command execution on affected phones. The vulnerability, which affects Galaxy Store version 4.5.32.4, relates to a cross-site scripting (XSS) bug […]