Guide to mitigating credential stuffing attacks
We have a collective unaddressed weakness when it comes to basic cybersecurity. Out of the many reports circulating in the news today, many statistics revolve around the …
Open-source Rafel RAT steals info, locks Android devices, asks for ransom
The open-source Rafel RAT is being leveraged by multiple threat actors to compromise Android devices and, in some cases, to lock them, encrypt their contents, and demand money …
Why are threat actors faking data breaches?
Earlier this year Europcar discovered a hacker selling info on its 50 million customers on the dark web. The European car rental company immediately launched an investigation, …
1 out of 3 breaches go undetected
Organizations continue to struggle in detecting breaches as they become more targeted and sophisticated, with more than 1 out of 3 organizations citing their existing security …
Cracking down on cybercrime: Who you gonna call?
As cybercrime continues to grow, law enforcement agencies worldwide face increased challenges in safeguarding organizations and individuals. In this article, we highlight law …
Week in review: CDK Global cyberattack, critical vCenter Server RCE fixed
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: The rise of SaaS security teams In this Help Net Security interview, Hillary …
Intel-powered computers affected by serious firmware flaw (CVE-2024-0762)
A vulnerability (CVE-2024-0762) in the Phoenix SecureCore UEFI, which runs on various Intel processors, could be exploited locally to escalate privileges and run arbitrary …
US bans Kaspersky antivirus software due to national security risks
The US Department of Commerce has announced an upcoming US-wide ban of cybersecurity and antivirus software by Kaspersky, as its “ability to gather valuable US business …
Cilium: Open-source eBPF-based networking, security, observability
Cilium is an open-source, cloud-native solution that leverages eBPF technology in the Linux kernel to provide, secure, and monitor network connectivity between workloads. What …
Pressure mounts on CISOs as SEC bares teeth with legal action
A Panaseer investigation into organizations’ annual 10-K filings reported to the SEC shows that from January-May 2024, at least 1,327 filings mentioned NIST – a key indicator …
New infosec products of the week: June 21, 2024
Here’s a look at the most interesting products from the past week, featuring releases from Atsign, Datadog, Metomic, NinjaOne, Verimatrix, and Veritas Technologies. Datadog …
Crown Equipment cyberattack confirmed, manufacturing disrupted for weeks
Ohio-based Crown Equipment, which is among the largest industrial and forklift truck manufacturers in the world, has become a victim of a cyberattack “by an …