News Analyses
(ISC)2 pilots new entry-level cybersecurity certification to tackle workforce shortages
New certification aims to validate knowledge of foundational cybersecurity concepts and best practices to address skills gap. Is another cybersecurity qualification the answer?
How shape-shifting threat actors complicate attack attribution
Researchers explain how they identified—or failed to identify—the threat actors behind three high-profile incidents and why attribution is so difficult.
Chinese APT group IronHusky exploits zero-day Windows Server privilege escalation
The attackers used the exploit to deploy a new remote shell Trojan called MysterySnail.
Google forms Cybersecurity Action Team to support customer security transformation
Google’s initiative will offer security and compliance services to guide governments, critical infrastructure, enterprises, and small businesses through digital transformation.
October is high season for cyberattacks, Infosec Institute study shows
A study by Infosec Institute indicates that there has been an exponential increase in cyberattacks globally in the last five years, and a major part of it happened in the month of October each year as attackers apparently exploit...
TSA to issue cybersecurity requirements for US rail, aviation sectors
New rules include reporting incidents to CISA and naming cybersecurity leads, but experts and industry representatives cite lack of input.
Iranian APT targets aerospace and telecom firms with stealthy ShellClient Trojan
The MalKamak group has been running its Operation GhostShell campaign for at least three years unnoticed.
One Identity acquires OneLogin in bid to offer consolidated IAM suite
In a move to offer its customers a consolidated suite of security applications, One Identity has acquired OneLogin, an IAM (identity and access management) provider, adding to its own set of PAM (privileged access management, IGA...
FCC asks carriers to step up to stop SIM swapping, port-out fraud
The US federal agency puts pressure on telecom carriers to put better authentication, account protection safeguards in place.
Why today’s cybersecurity threats are more dangerous
Greater complexity and interdependence among systems gives attackers more opportunity for widespread, global damage, say government and industry experts.
APT29 targets Active Directory Federation Services with stealthy backdoor
The FoggyWeb post-exploitation backdoor is persistent and steals configuration databases and security token certificates.
Cybercriminals bypass 2FA and OTP with robocalling and Telegram bots
The automated bots are highly successful because they effectively emulate legitimate service providers.
MITRE ATT&CK, VERIS frameworks integrate for better incident insights
The MITRE ATT&CK/VERIS collaboration aims to create a common dictionary for communicating information about security incidents.
US cryptocurrency exchange sanctions over ransomware likely not the last
The sanctions are aimed to cut ransomware gangs off from their revenue. Advisory on sanctions risks regarding ransomware payments also updated.
Software cybersecurity labels face practical, cost challenges
The federal government wants consumer software to have cybersecurity labels; experts question the feasibility of the mandate.
APT actors exploit flaw in ManageEngine single sign-on solution
US government agencies urge immediate action to look for indicators of compromise and, if found, take recommended steps to mitigate.
How APTs become long-term lurkers: Tools and techniques of a targeted attack
A new McAfee report details the tools and techniques an APT group used to go undetected on a client network for over a year.
