In November 2024, supply chain attacks featured two key trends: attackers’ persistent use of “legitimate-first” package strategies and creative approaches like exploiting official documentation....
Facebook, Instagram, Threads, and WhatsApp suffered a massive worldwide Wednesday afternoon, with services impacted in varying degrees based on user's region. [...]
Keeper’s extensive authentication options and generous discounts make it an alluring password manager to try this year. Read more about it in our full review.
What is the best CSPM tool for your business? Use our guide to review our picks for the best cloud security posture management (CSPM) tools.
SUMMARY Cybersecurity researchers at Group-IB have exposed an ongoing phishing operation that has been targeting employees and associates from…
Compare CrowdStrike and Palo Alto Networks in this in-depth article, exploring features, pricing, usability, and performance to find the right solution for your business.
Compare CrowdStrike and Splunk, two leading SIEM solutions, focusing on their features, strengths, and differences in cybersecurity effectiveness.
A Republican congressman from Texas makes the case for cybersecurity as “a cornerstone” of the GOP agenda. The post Why Americans must be prepared for cybersecurity’s worst appeared first on CyberScoop.
AWS re:Invent 2024 brought an avalanche of announcements, with over 500 updates since November. Let's spotlight the most impactful ones for security teams, from Resource Control Policies to...
Microsoft closed out its Patch Tuesday updates for 2024 with fixes for a total of 72 security flaws spanning its software portfolio, including one that it said has been exploited in the wild. Of...
Operation PowerOFF has dismantled a network of 27 DDoS platforms, leading to the arrests of three administrators and the identification of over 300 users
Russian cyber-espionage group Turla, aka "Secret Blizzard," is utilizing other threat actors' infrastructure to target Ukrainian military devices connected via Starlink. [...]
Russian cyber-espionage group Turla, aka "Secret Blizzard," is utilizing other threat actors' infrastructure to target Ukrainian military devices connected via Starlink. [...]
The U.S. government on Tuesday unsealed charges against a Chinese national for allegedly breaking into thousands of Sophos firewall devices globally in 2020. Guan Tianfeng (aka gbigmao and...
Law enforcement agencies from 15 countries have taken 27 DDoS-for-hire services offline, also known as "booters" or "stressers," arrested three administrators, and identified 300 customers of the...
The Romanian National Cybersecurity Directorate (DNSC) says the Lynx ransomware gang breached Electrica Group, one of the largest electricity suppliers in the country. [...]
Mapping the Malware Maze (at least trying to)
The US government has sanctioned Sichuan Silence and one of its employees for the mass compromise of firewalls which led to the deployment of malware and ransomware
Rising convergence of OT and IT in today’s interconnected industrial landscape evidently brings about heightened innovation and efficiency... The post Securing the Future: A Comprehensive Guide to...
SUMMARY Cybersecurity researchers at Deep Instinct have uncovered a novel and powerful Distributed Component Object Model (DCOM) based…
The U.S. House of Representatives unanimously approved a bill aimed at enhancing cyber resilience against state-sponsored threats. This... The post US House passes legislation to bolster cyber...
Microsoft has patched dozens of vulnerabilities in December, including one zero-day being exploited in the wild
Researchers from Nozomi Networks Labs analyzed a Phoenix Contact mGuard industrial router, uncovering 12 vulnerabilities during a comprehensive... The post Nozomi detects 12 security flaws in...
US doughnut chain Krispy Kreme suffered a cyberattack in November that impacted portions of its business operations, including placing online orders. [...]
A zero-day vulnerability in Cleo file transfer software is being exploited in data theft attacks
The multi-cloud data warehousing platform said it will completely phase out single factor authentication with passwords by November 2025
Recent guidance from CISA and the FBI highlights best practices to monitor and harden network infrastructure. The guidance, published in response to high-profile attacks on telecom infrastructure,...
Authored By Sakshi Jaiswal, Anuradha M In Q3 2024, McAfee Labs identified a sharp rise in the Remcos RAT threat.... The post The Stealthy Stalker: Remcos RAT appeared first on McAfee Blog.
Ivanti has released security updates to address multiple critical flaws in its Cloud Services Application (CSA) and Connect Secure products that could lead to privilege escalation and code...
Author: Guus Beckers Back in 2022 Fox-IT decided to open source its proprietary incident response tooling known as Dissect. Since then it has been adopted by many different companies in their...