Advertisement

Hacking stealing password data

Here is why you should have Cobalt Strike detection in place

Abusing variants of legitimate penetration testing tools has become a standard tactic for many attackers seeking to fool security teams. Cobalt Strike is among the attack frameworks used by red teams and cyber specialists should be on...


A circuit key at the center of a system of integrated security: endpoints/devices/networks/apps/etc.

Top 7 CIAM tools

Customer identity and access management (CIAM) is the basis to improve management and control of third parties’ access to a business. Here are the top seven CIAM tools currently in the market.


credit card theft / credit card fraud / credit card hack

Cybercriminals are increasingly using info-stealing malware to target victims

In the first seven months of this year, threat actors stole over 50 million passwords, 2 billion cookie files, details of 103,150 bank cards, and data from 113,204 crypto wallets. 


Advertisement

big data merger and acquisition big business smb

Top cybersecurity M&A deals for 2022

The hot cybersecurity mergers and acquisition market continues into 2022 as vendors look to solidify their positions and expand their offerings.


malvertising malware hacked ads advertising online

DUCKTAIL malware campaign targeting Facebook business and ads accounts is back

The spear phishing group has revised its tactics and is employing more sophisticated techniques and tactics based on what appears to be extensive research into Facebook business and ads management accounts.


security system vulnerabilities - a grid of locks with several unlocked

EPSS explained: How does it compare to CVSS?

The Exploit Prediction Scoring System has its shortcomings, but it can complement CVSS to help better prioritize and assess vulnerability risk.


Social engineering  >  Laptop user with horns manipulates many social media accounts

Meta outlines US involvement in social media disinformation in new report

The social media giant’s latest quarterly adversarial threat report describes three coordinated disinformation networks, one of which appears to originate from the US.


joe biden cyberceomeeting public domain wh

The Biden administration has racked up a host of cybersecurity accomplishments

The Biden administration’s intense focus on cybersecurity has resulted in an unprecedented number of initiatives. Although domestic efforts seem well-baked, opportunities exist for further leadership in the international arena.


uk and south korea flags

UK finalizes first independent post-Brexit data transfer deal with South Korea

UK organizations will be able to securely transfer personal data to the Republic of Korea without restrictions by the end of 2022.


targeted holiday attacks  >  a red bow impaled by a hook, surrounded by abstract binary code

Online retailers should prepare for a holiday season spike in bot-operated attacks

On the naughty list this year are a host of bad actors employing a huge variety of different bot attacks that can have a big impact on retail websites. Fortunately, there are steps cybersecurity professionals can take to mitigate the...


Advertisement

A digital hub marked with crossed wrench and screwdriver branches circuits through a system.

How to reset a Kerberos password and get ahead of coming updates

If you haven’t already, now is the time to reset your Kerberos password — take proactive action to ensure that you are one step ahead and prepared nearly a year in advance of future hardening.


hand holding paper cloud for Microsoft Azure logo

Microsoft Azure launches DDoS IP protection for SMBs

DDoS IP Protection for SMBs is designed to provide enterprise-grade distributed denial of service protection at a price that's attractive to small and medium-size companies.


man looking through binocs spy hacker breach infiltrate gettyimages 164644457 by selimaksan 2400x16

Know thy enemy: thinking like a hacker can boost cybersecurity strategy

Putting on a red hat and trying to understand the motivations, expectations, behaviors, and goals of bad actors can be a key part of a solid cybersecurity plan.


CSO > phishing / social engineering / security threat

Luna Moth callback phishing campaign leverages extortion without malware

Palo Alto’s Unit 42 investigated several incidents linked to the Luna Moth callback phishing extortion campaign that uses legitimate and trusted management tools instead of malware to exploit businesses.


secure remote work

How remote working impacts security incident reporting

Security teams must update their security incident reporting policies and processes to account for remote work or risk exposure to increased threats.