WithSecure
Emerging threat: AI-powered social engineering
Social engineering is a sophisticated form of manipulation but, thanks to AI advancements, malicious groups have gained access to highly sophisticated tools, suggesting that …
APTs use of lesser-known TTPs are no less of a headache
APT (advanced persistent threat) attacks were once considered to be primarily a problem for large corporations, but the number of these (often state-sponsored) attacks against …
Staying ahead of the “professionals”: The service-oriented ransomware crime industry
Ransomware has been a hugely profitable industry for criminal gangs for the last few years. The total amount of ransom paid since 2020 is estimated to be at least $2 billion, …
A third MOVEit vulnerability fixed, Cl0p lists victim organizations (CVE-2023-35708)
Progress Software has asked customers to update their MOVEit Transfer installations again, to fix a third SQL injection vulnerability (CVE-2023-35708) discovered in the web …
AI: Interpreting regulation and implementing good practice
Businesses have been using artificial intelligence for years, and while machine learning (ML) models have often been taken from open-source repositories and built into …
WithSecure’s USB armory enables post-quantum cryptography in space
WithSecure’s USB armory is an open-sourced, single board computer with a unique form factor and capabilities. It has been used in a variety of applications, including (but not …
WithSecure releases Cloud Security Posture Management to identify insecure cloud configurations
WithSecure has released Cloud Security Posture Management, a new module for its WithSecure Elements security platform, that identifies insecure cloud configurations attackers …
Prevent attackers from using legitimate tools against you
Malicious actors are increasingly exploiting legitimate tools to accomplish their goals, which include disabling security measures, lateral movement, and transferring files. …
Outcome-based cybersecurity paves way for organizational goals
Organizations follow a reactive approach to cybersecurity which is stifling their progress in demonstrating value and aligning with business outcomes, according to WithSecure. …
Malware and machine learning: A match made in hell
We’ve been developing machine learning-based cybersecurity systems for many years and began developing automation for analysis in our labs in 2005. These early …
Veeam Backup & Replication admins, get patching! (CVE-2023-27532)
Veeam Software has patched CVE-2023-27532, a high-severity security hole in its widely-used Veeam Backup & Replication solution, and is urging customer to implement the …
Preventing corporate data breaches starts with remembering that leaks have real victims
When it comes to data breaches, organizations are generally informed about the risks and procedures for mitigating them. They can (typically) respond with minimal collateral …
Featured news
Resources
Don't miss
- SafeLine: Open-source web application firewall (WAF)
- Securing AI’s new frontier: Visibility, governance, and mitigating compliance risks
- Veeam plugs serious holes in Service Provider Console (CVE-2024-42448, CVE-2024-42449)
- Whitepaper: 9 traits of effective cybersecurity leaders of tomorrow
- Phishers send corrupted documents to bypass email security