Top

Tag: Featured


Cyber-crime, Malware

Adobe Acrobat Sign Abused to Distribute Malware

March 20, 2023

Via: Security Week

Acrobat Sign is a cloud service that allows registered users to sign, send, and track documents in real-time, as well as to send signature requests to anyone. When a signature request is sent, Acrobat Sign automatically generates and sends an […]


Cyber-crime, Phishing

7 guidelines for identifying and mitigating AI-enabled phishing campaigns

March 20, 2023

Via: CSO Online

The emergence of effective natural language processing tools such as ChatGPT means it’s time to begin understanding how to harden against AI-enabled cyberattacks. The natural language generation capabilities of large language models (LLMs) are a natural fit for one of […]


Application security, Security

Best practices for securing the software application supply chain

March 15, 2023

Via: Help Net Security

As server-side security advances, more attackers are exploiting vulnerabilities and launching malicious attacks through the less protected and seldom monitored client-side supply chain. Unfortunately, because of these attacks’ sophisticated and subtle nature, they can be hard to detect until it’s […]


Threats & Malware, Vulnerabilities

Microsoft patches zero-days used by state-sponsored and ransomware threat actors (CVE-2023-23397, CVE-2023-24880)

March 14, 2023

Via: Help Net Security

It’s March 2023 Patch Tuesday, and Microsoft has delivered fixes for 74 CVE-numbered vulnerabilities, including two actively exploited in the wild (CVE-2023-23397, CVE-2023-24880) by different threat actors. About CVE-2023-23397 “CVE-2023-23397 is a critical EoP vulnerability in Microsoft Outlook that is […]


Network security, Security

Spotlight on Cybersecurity Leaders: David Lingenfelter

March 14, 2023

Via: SecureWorld

In the SecureWorld Spotlight Series, we learn about the speakers and Advisory Council members that make our events a success. In Q&A format, they share about their professional journeys, unique experiences, and hopes for the future of cybersecurity—along with some […]


Threats & Malware, Virus & Malware

Microsoft squashes Windows bug exploited to inflict ransomware misery

March 14, 2023

Via: The Register

Criminals are exploiting a Microsoft SmartScreen bug to deliver Magniber ransomware, potentially infecting hundreds of thousands of devices, without raising any security red flags, according to Google’s Threat Analysis Group (TAG). TAG discovered the in-the-wild exploit, and reported it to […]


Threats & Malware, Virus & Malware

Fake ChatGPT Chrome Extension Hijacking Facebook Accounts for Malicious Advertising

March 13, 2023

Via: The Hacker News

A fake ChatGPT-branded Chrome browser extension has been found to come with capabilities to hijack Facebook accounts and create rogue admin accounts, highlighting one of the different methods cyber criminals are using to distribute malware. “By hijacking high-profile Facebook business […]


Access control, Security

Understanding password behavior key to developing stronger cybersecurity protocols

March 13, 2023

Via: Help Net Security

Passwords are still the weakest link in an organization’s network, as proven by the analysis of over 800 million breached passwords, according to Specops Software. The study found 88% of passwords used in successful attacks consisted of 12 characters or […]


Cyber-crime, Phishing

AI is taking phishing attacks to a whole new level of sophistication

March 8, 2023

Via: Help Net Security

92% of organizations have fallen victim to successful phishing attacks in the last 12 months, while 91% of organizations have admitted to experiencing email data loss, according to Egress. Not surprisingly, 99% of cybersecurity leaders confess to being stressed about […]


Access control, Security

F5 and Visa join forces to enhance security throughout the customer experience

March 7, 2023

Via: Help Net Security

F5 and Visa join forces to enable merchants to securely reduce login friction for their customers. Customers expect seamless commerce experiences and transactions to be secure. Yet, in today’s digital-first world, customers are under threat from bad actors looking to […]


Threats & Malware, Vulnerabilities

Machine Learning Improves Prediction of Exploited Vulnerabilities

March 7, 2023

Via: Dark Reading

A public effort to create a way of predicting the exploitation of vulnerabilities announced a new machine learning model that improves its prediction capabilities by 82%, a significant boost, according to the team of researchers behind the project. Organizations can […]


Cyber-crime, Identity theft

Ransomware Operators Leak Data Allegedly Stolen From City of Oakland

March 6, 2023

Via: Security Week

The cyberattack started on February 8 and was disclosed on February 10, when Oakland announced that it had taken systems offline to contain the incident, but that emergency services were not impacted. One week later, while continuing restoration efforts, the […]


Network security, Security

6 cybersecurity and privacy Firefox add-ons you need to know about

March 6, 2023

Via: Help Net Security

In today’s digital age, cybersecurity and privacy have become major concerns for internet users. With the increase in cyber attacks and data breaches, it is vital to protect your online privacy and security. One way to do this is by […]


Application security, Security

Easterly: Software Developers Need to Step Up on Cybersecurity

March 1, 2023

Via: SecureWorld

Imagine buying a car that has faulty brakes, or a toaster that can catch fire at any moment. You would expect the manufacturer to be held accountable for selling you a defective product that can harm you or others. But […]


Application security, Security

Application Security vs. API Security: What is the difference?

February 28, 2023

Via: The Hacker News

As digital transformation takes hold and businesses become increasingly reliant on digital services, it has become more important than ever to secure applications and APIs (Application Programming Interfaces). With that said, application security and API security are two critical components […]


Data loss, Threats & Malware

10 US states that suffered the most devastating data breaches in 2022

February 28, 2023

Via: Help Net Security

Cyber attack risks faced by businesses across states and reported data breaches are relative to the respective state governments’ cybersecurity investment, according to Network Assured. Study methodology Network Assured compared data from State Attorneys Generals and the Department of Health […]


Cyber-crime, Identity theft

Foiling intellectual property theft in a digital-first world

February 27, 2023

Via: Help Net Security

In today’s data-driven world, the expectations and demands faced by many organizations worldwide are reaching unseen levels. To meet the challenge, a data-driven approach is necessary, with effective digital transformation needed to improve operational efficiency, streamline processes, and get more […]


Mobile, Mobile security

The mobile malware threat landscape in 2022

February 27, 2023

Via: Securelist

Figures of the year In 2022, Kaspersky mobile products and technology detected: 1,661,743 malicious installers 196,476 new mobile banking Trojans 10,543 new mobile ransomware Trojans Trends of the year Mobile attacks leveled off after decreasing in the second half of […]


Network security, Security

Perimeter 81 and TD SYNNEX provide secure network access for the modern workforce

February 22, 2023

Via: Help Net Security

Mitigating persistent cyber threats has made network security mission critical for businesses of all sizes. The 2022 U.S. Cybersecurity Census Report found that the average business experiences 42 cyberattacks each year, amplifying the need for a comprehensive solution. Perimeter 81 […]


Cyber warfare, Cyber-crime

Researchers Warn of ReverseRAT Backdoor Targeting Indian Government Agencies

February 21, 2023

Via: The Hacker News

A spear-phishing campaign targeting Indian government entities aims to deploy an updated version of a backdoor called ReverseRAT. Cybersecurity firm ThreatMon attributed the activity to a threat actor tracked as SideCopy. SideCopy is a threat group of Pakistani origin that […]