News
Gigabyte firmware component can be abused as a backdoor
Attackers can abuse the UEFI firmware to inject executable malware code into the Windows kernel, compromising systems.
Inactive, unmaintained Salesforce sites vulnerable to threat actors
Research highlights the risks posed by inactive Salesforce sites that continue to pull sensitive business data and can be easily exploited by malicious actors.
Trellix, Netskope announce new Amazon Security Lake support to enhance threat detection, remediation
Trellix expands XDR support for Amazon Security Lake while Netskope integrates its SSE platform with AWS’ centralized security data service.
Barracuda patches zero-day vulnerability exploited since October
The vulnerability stemmed from incomplete input validation of user-supplied .tar files as it pertains to the names of the files contained within the archive.
Phishing remained the top identity abuser in 2022: IDSA report
The survey revealed phishing as the most common identity-related incident in 2022, with “emails” as the most popular type.
Frontegg launches entitlements engine to streamline access authorization
Frontegg’s new entitlement engine will be powered by context-aware logic controls (CALC) technology to effect context-based, fine-grained authorization controls.
Screen recording Android app found to be spying on users
iRecorder was a legitimate app made available on Google Play Store in September 2021. A remote access trojan AhRat was most likely added to it a year later.
Hackers hold city of Augusta hostage in a ransomware attack
The ransomware group has released 10GB of sample data from the cyberattack on the US city of Augusta and claimed they have a lot more data available.
New phishing technique poses as a browser-based file archiver
The new technique has a hacker simulate an archiving app in the web browser to trick victims as they try to access a .zip domain.
Researchers find new ICS malware toolkit designed to cause electric power outages
Mandiant recommends threat-hunting steps to detect COSMICENERGY despite no confirmed attacks in the wild.
New CISO appointments, February 2023
Keep up with news of CSO, CISO, and other senior security executive appointments.
How to check for new exploits in real time? VulnCheck has an answer
VulnCheck’s new database tracks exploits for fresh vulnerabilities in real time and allows for search using CVE IDs.
Inactive accounts pose significant account takeover security risks
Inactive accounts that haven’t been accessed for extended periods are more likely to be compromised due to password reuse and lack of multifactor authentication.
Microsoft links attacks on American critical infrastructure systems to China
The Chinese nation-state actor has been actively conducting espionage and information-gathering attacks on American systems since mid-2021.
SMBs and regional MSPs are increasingly targeted by state-sponsored APT groups
Research shows a shift toward advanced persistent threat actors compromising smaller organization, in part to enable other attacks.
New hyperactive phishing campaign uses SuperMailer templates: Report
Network security firm Cofense was able to identify a code trace in phishing emails that revealed SuperMailer abuse in the attacks.
US sanctions four North Korean entities for global cyberattacks
North Korean hackers stole more virtual currency in 2022 than in any previous year, with estimates ranging from $630 million to over $1 billion — reportedly doubling Pyongyang’s total cybertheft proceeds in 2021.
CyberArk’s enterprise browser promises zero-trust support, policy management
The identity security vendor is set to launch an enterprise browser in response to increasing post-MFA attacks on session cookies.
Most Popular
BrandPosts
Learn more-
Sponsored by Microsoft Security
-
Sponsored by Cisco
-
Sponsored by Fortinet