What a Successful Threat-Hunting Program Looks Like?
Threat hunters can help build defenses as they work with offensive security teams to identify potential threats and build stronger threat barriers. Over the last few years, an influx of high-profile industry security issues (PDF) have placed offensive tactics among...
Malware steal data from other hackers
Cybercriminals using Prynt Stealer to collect data from victims are being swindled by the malware developer, who also receives a copy of the info over Telegram messaging service. The malware developer has planted in the builder for the infostealer a backdoor that is...
How to protect against fraud?
2022 has so far seen an insatiable appetite for stories of fraud From ‘The Tinder Swindler’ Simon Leviev fooling potential love interests into giving him millions of dollars to escape his “enemies”, to con artist Anna Delvey winning the hearts and purses of New York’s...
Nearly 3 Years Later, SolarWinds CISO Shares 3 Lessons From the Infamous Attack
SolarWinds CISO Tim Brown explains how organizations can prepare for eventualities like the nation-state attack on his company’s software. On Dec. 8, 2020, FireEye announced the discovery of a breach in the SolarWinds Orion software while it investigated a...
Microsoft: Russian malware hijacks ADFS to log in as anyone in Windows
Microsoft has discovered a new malware used by the Russian hacker group APT29 (a.k.a. NOBELIUM, Cozy Bear) that enables authentication as anyone in a compromised network. As a state-sponsored cyberespionage actor, APT29 employs the new capability to hide their...
LastPass developer systems hacked to steal source code
Password management firm LastPass was hacked two weeks ago, enabling threat actors to steal the company's source code and proprietary technical information. The disclosure comes after BleepingComputer learned of the breach from insiders last week and reached out to...
The top three learnings from the 2022 Verizon Data Breach Incident Report
The data displayed in the new Verizon Data Breach Incident Report (DBIR) offers critical insight into the current state of cybersecurity After a year of data breaches and cyberattacks consistently dominating headlines, this year’s report closely examines what...
Hackers target hotel and travel companies with fake reservations
A hacker tracked as TA558 has upped their activity this year, running phishing campaigns that target multiple hotels and firms in the hospitality and travel space. The threat actor uses a set of 15 distinct malware families, usually remote access trojans (RATs), to...
Patch Now: 2 Apple Zero-Days Exploited in Wild
The fact that the flaws enable remote code execution, exist across all major Apple OS technologies, and are being actively exploited heightens the need for a quick response. Security researchers are urging users of Apple Mac, iPhone, and iPad devices to immediately...