Please turn on your JavaScript for this page to function normally.
Legion AWS credential harvester
Legion AWS credential harvester and hijacker analyzed

Researchers from Cado Labs recently encountered an update to the emerging cloud-focused malware family, Legion. This sample iterates upon the credential harvesting features of …

bad bots
Bad bots are coming for APIs

In 2022, 47.4% of all internet traffic came from bots, a 5.1% increase over the previous year, according to Imperva. The proportion of human traffic (52.6%) decreased to its …

ransomware
Refined methodologies of ransomware attacks

Adversaries were able to encrypt data in 76% of the ransomware attacks that were conducted against surveyed organizations, according to Sophos. The survey also shows that when …

idea
Data-driven insights help prevent decisions based on fear

Organizations have strengthened security measures and become more resilient, but threat actors are still finding ways through, according to BakerHostetler. “We launched the …

identity
Using just-in-time access to reduce cloud security risk

Excessive privileges are a continuing headache for security professionals. As more organizations migrate assets to the cloud, users with excessive permissions can expand the …

Eva Maler
Overcoming industry obstacles for decentralized digital identities

In this Help Net Security interview, Eve Maler, CTO at ForgeRock, talks about how digital identities continue to play a critical role in how we access online services …

router
Researchers discover sensitive corporate data on decommissioned routers

Looking at configuration data, 56% of decommissioned routers disposed of and sold on the secondary market contained sensitive corporate data, according to ESET. Of the …

Kodi
Kodi forum breach: User data, encrypted passwords grabbed

The developers of Kodi, the widely used open-source media player app, have revealed a data breach of its user forum. What happened? The breach did not happen due to a …

hand
Rilide browser extension steals MFA codes

Cryptocurrency thieves are targeting users of Chromium-based browsers – Google Chrome, Microsoft Edge, Brave Browser, and Opera – with an extension that steals …

Okta
A common user mistake can lead to compromised Okta login credentials

Logged failed logins into a company’s Okta domain could be used by threat actors to discover access credentials of valid accounts, Mitiga researchers have found. Those …

malware
Exfiltration malware takes center stage in cybersecurity concerns

While massive public data breaches rightfully raise alarms, the spike in malware designed to exfiltrate data directly from devices and browsers is a key contributor to …

snake, threat
33% of attacks in the cloud leverage credential access

Elastic released the 2022 Elastic Global Threat Report, detailing the evolving nature of cybersecurity threats, as well as the increased sophistication of cloud and …

Don't miss

Cybersecurity news