News
Malware builder uses fresh tactics to hit victims with Agent Tesla RAT
A new malware campaign uses the recently discovered Quantum Builder and sophisticated tactics to deliver malicious payload.
![Security threat [illustration] > A hacker with black hat, mask, and crowbar breaks into a laptop.](https://images.idgesg.net/images/article/2021/06/hacker_hackingsecurity_threat_crime_criminal_with_black_hat_mask_and_crowbar_breaks_into_a_laptop_by_drdrawer_shutterstock_1364574311_royalty-free_digital-only_2400x1600-100890822-small.3x2.jpg?auto=webp&quality=85,70)
Most hackers need 5 hours or less to break into enterprise environments
A new survey of 300 ethical hackers provides insight into not only the most common means of initial access but how a complete end-to-end attack happens.
Cryptojacking, DDoS attacks increase in container-based cloud systems
Victims lose $53 for every $1 cryptojackers gain, according to a new report from Sysdig.
16 Wall Street firms fined $1.8B for using private text apps, lying about it
The banks and brokerages were fined because employees were messaging and texting with clients without recording the communications, as required. And some of the firms' execs lied about it and deleted messages.
UK organizations, Ukraine's allies warned of potential "massive" cyberattacks by Russia
UK National Cyber Security Centre CEO Lindy Cameron reflects on Russia’s recent cyber activity as Ukraine warns its allies to prepare for cyberattacks targeting critical infrastructure.
Zoho ManageEngine flaw is actively exploited, CISA warns
Threat actors are exploiting unpatched ManageEngine instances. CISA adds the vulnerability to its catalog and Zoho urges customers to check their deployments.
US CISA/NSA release new OT/ICS security guidance, reveal 5 steps threat actors take to compromise assets
Advisory from the Cybersecurity and Infrastructure Security Agency and the National Security Agency outlines steps to protect operational technology and industrial control systems.
Jamf buys ZecOps to bring high-end security to Apple enterprise
ZecOps protects world-leading enterprises, governments, and individuals; Jamf has acquired it to help secure the enterprise.
97% of enterprises say VPNs are prone to cyberattacks: Study
Since the shift to remote and hybrid work, 44% of organizations have witnessed an increase in exploits targeting VPNs, and many are moving toward zero-trust security, according to a report from Zscaler.
![Tech Spotlight > Analytics [CSO] > An image of a bottle of poison emanating binary code.](https://images.idgesg.net/images/article/2021/04/spot_analytics_04_cso_bottle_of_poison_by_arek_socha_aka_qimono_cc0-like_via_pixabay_binary_spiral_by_gordon_johnson_aka_gdj_cc0-like_via_pixabay_3x2_2400x1600_hero-100884335-small.3x2.jpg?auto=webp&quality=85,70)
SEO poisoning campaign directs search engine visitors from multiple industries to JavaScript malware
The sophisticated campaign sends victims looking for business forms and templates to sites containing malicious files.
A third of Australian population likely affected in Optus cyberattack
Breached information includes names, dates of birth, phone numbers, email addresses, and, for a subset of customers, addresses, ID document numbers such as driver's licence or passport numbers.
Ransomware operators might be dropping file encryption in favor of corrupting files
Corrupting files is faster, cheaper, and less likely to be stopped by endpoint protection tools than encrypting them.
Former Broadcom engineer gets eight months in prison for trade secrets theft
Peter Kisang Kim admitted to stealing Broadcom data related to its Trident family of network switching and cloud networking chipsets, while working for a Chinese startup.
Report: The state of secure identity 2022
New research from Okta’s Auth0 access management platform found that credential stuffing and fraudulent registration attacks are on the rise.
Ransomware is (slightly) on the decline, cyberinsurance company says
While ransomware attacks remain highly dangerous, data from a prominent insurer suggests that their frequency and severity is beginning to decline.
CrowdStrike adds XDR, other capabilites across 4 key security products
CrowdStrike is adding XDR (extended detection and response) features to Falcon Insight, and a raft of enhancement to CrowdStrike Cloud Security, Humio and Falcon Discover.
Palo Alto adds software composition analysis to Prisma Cloud to boost open-source security
Palo Alto Networks has added a new SCA solution to Prisma Cloud to help developers safely use open-source software components. The vendor has also introduced a software bill of materials.
Uber links cyberattack to LAPSUS$, says sensitive user data remains protected
Attacker likely bought employee account credentials on the dark web and then escalated privileges to access internal tools.
Most Popular
![Digital bugs amid binary code. [security threats / malware / breach / hack / attack]](https://images.idgesg.net/images/article/2020/09/digital_bugs_amid_binary_code_security_threats_malware_breach_hack_attack_by_whatawin_gettyimages-1188254819_2400x1600-100858616-medium.3x2.jpg?auto=webp&quality=85,70)
BrandPosts
Learn more-
Sponsored by Juniper Networks
-
Sponsored by Devo
-
Sponsored by Microsoft Security