May 2023

Legion Malware Upgraded to Target SSH Servers and AWS Credentials

Uncategorized /

Legion Malware Upgraded to Target SSH Servers and AWS Credentials 24/05/2023 at 14:34 By An updated version of the commodity malware called Legion comes with expanded features to compromise SSH servers and Amazon Web Services (AWS) credentials associated with DynamoDB and CloudWatch. “This recent update demonstrates a widening of scope, with new capabilities such the […]

React to this headline:

Loading spinner

Legion Malware Upgraded to Target SSH Servers and AWS Credentials Read More »

Legitimate Android app transforms into data-snooping malware

Android, cybercrime, Don't miss, ESET, Google Play, Malware, News, Privacy, trojan /

Legitimate Android app transforms into data-snooping malware 24/05/2023 at 11:16 By Help Net Security ESET researchers have discovered a trojanized Android app named iRecorder – Screen Recorder. It was available on Google Play as a legitimate app in September 2021, with malicious functionality most likely added in August 2022. During its existence, the app was

React to this headline:

Loading spinner

Legitimate Android app transforms into data-snooping malware Read More »

Virtual Event Today: Threat Detection and Incident Response Summit

Featured, Malware & Threats, Threat Intelligence, Training & Awareness /

Virtual Event Today: Threat Detection and Incident Response Summit 24/05/2023 at 11:16 By Mike Lennon Join thousands of attendees as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack. (Register Now) The post Virtual Event Today: Threat Detection and Incident Response Summit appeared first

React to this headline:

Loading spinner

Virtual Event Today: Threat Detection and Incident Response Summit Read More »

N. Korean Lazarus Group Targets Microsoft IIS Servers to Deploy Espionage Malware

Uncategorized /

N. Korean Lazarus Group Targets Microsoft IIS Servers to Deploy Espionage Malware 24/05/2023 at 11:16 By The infamous Lazarus Group actor has been targeting vulnerable versions of Microsoft Internet Information Services (IIS) servers as an initial breach route to deploy malware on targeted systems. The findings come from the AhnLab Security Emergency response Center (ASEC),

React to this headline:

Loading spinner

N. Korean Lazarus Group Targets Microsoft IIS Servers to Deploy Espionage Malware Read More »

Cyber Attacks Strike Ukraine’s State Bodies in Espionage Operation

Uncategorized /

Cyber Attacks Strike Ukraine’s State Bodies in Espionage Operation 24/05/2023 at 11:16 By The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of cyber attacks targeting state bodies in the country as part of an espionage campaign. The intrusion set, attributed to a threat actor tracked by the authority as UAC-0063 since 2021, leverages phishing

React to this headline:

Loading spinner

Cyber Attacks Strike Ukraine’s State Bodies in Espionage Operation Read More »

How to avoid shadow AI in your SOC

Artificial Intelligence, ChatGPT, cybersecurity, Devo Technology, Don't miss, Expert analysis, Expert corner, Hot stuff, opinion, security operations /

How to avoid shadow AI in your SOC 24/05/2023 at 07:57 By Help Net Security Samsung’s recent discovery that employees had uploaded sensitive code to ChatGPT should serve as a reminder for security leaders to tread carefully when it comes to integrating new artificial intelligence tools throughout their organizations. Shadow AI Employees are using the

React to this headline:

Loading spinner

How to avoid shadow AI in your SOC Read More »

CISO-level tips for securing corporate data in the cloud

cloud security, cybersecurity, data security, Don't miss, Hot stuff, SaaS, strategy, tips, Video /

CISO-level tips for securing corporate data in the cloud 24/05/2023 at 07:17 By Help Net Security The presence of each third-party application increases the potential for attacks, particularly when end users install them without proper oversight or approval. IT security teams face challenges in obtaining comprehensive knowledge about the apps connected to their corporate SaaS

React to this headline:

Loading spinner

CISO-level tips for securing corporate data in the cloud Read More »

Navigating the quantum leap in cybersecurity

CISO, cyber risk, cybersecurity, Don't miss, Features, Hot stuff, ISARA, News, opinion, quantum computing /

Navigating the quantum leap in cybersecurity 24/05/2023 at 07:17 By Mirko Zorz In this Help Net Security interview, we sit down with Dr. Atsushi Yamada, the newly appointed CEO of ISARA, a security solutions company specializing in creating quantum-safe cryptography. With over two decades of experience in cryptography and cybersecurity, Dr. Yamada discusses his vision

React to this headline:

Loading spinner

Navigating the quantum leap in cybersecurity Read More »

6 ChatGPT risks for legal and compliance leaders

Artificial Intelligence, ChatGPT, Compliance, cybersecurity, Gartner, News, Privacy, risk /

6 ChatGPT risks for legal and compliance leaders 24/05/2023 at 06:12 By Help Net Security Legal and compliance leaders should address their organization’s exposure to six specific ChatGPT risks, and what guardrails to establish to ensure responsible enterprise use of generative AI tools, according to Gartner. “The output generated by ChatGPT and other large language

React to this headline:

Loading spinner

6 ChatGPT risks for legal and compliance leaders Read More »

Against the Clock: Cyber Incident Response Plan

Trend Micro CISO : Article, Trend Micro CISO : Cyber Insurance, Trend Micro CISO : Detection and Response, Trend Micro CISO : Expert Perspective, Trend Micro CISO : Risk Management /

Against the Clock: Cyber Incident Response Plan 24/05/2023 at 05:14 By Conventional wisdom says most organizations will experience a cybersecurity breach at some point—if they haven’t already. That makes having a ready-to-launch incident response process crucial when an attack is detected, as this fictionalized scenario shows. This article is an excerpt from Trend Micro Research,

React to this headline:

Loading spinner

Against the Clock: Cyber Incident Response Plan Read More »

Mikrotik Belatedly Patches RouterOS Flaw Exploited at Pwn2Own

mikrotik, Network Security, Vulnerabilities /

Mikrotik Belatedly Patches RouterOS Flaw Exploited at Pwn2Own 23/05/2023 at 21:33 By Ryan Naraine MikroTik patches a major security defect in its RouterOS product a full five months after it was exploited at Pwn2Own Toronto. The post Mikrotik Belatedly Patches RouterOS Flaw Exploited at Pwn2Own appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Mikrotik Belatedly Patches RouterOS Flaw Exploited at Pwn2Own Read More »

Threat Actor Abuses SuperMailer for Large-scale Phishing Campaign

cybercrime, email security, phishing /

Threat Actor Abuses SuperMailer for Large-scale Phishing Campaign 23/05/2023 at 21:33 By Kevin Townsend A credential phishing campaign using the legitimate SuperMailer newsletter distribution app has doubled in size each month since January 2023. The post Threat Actor Abuses SuperMailer for Large-scale Phishing Campaign appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Threat Actor Abuses SuperMailer for Large-scale Phishing Campaign Read More »

Industrial sector faced highest number of ransomware attacks in April

Uncategorized /

Industrial sector faced highest number of ransomware attacks in April 23/05/2023 at 21:18 By The volume of ransomware attacks remained high with 352 attacks in April, the second-highest month on record, according to a recent report. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline:

Loading spinner

Industrial sector faced highest number of ransomware attacks in April Read More »

NETSCOUT introduces visibility and instrumentation for threat detection in 4G and 5G networks

Industry news, Netscout /

NETSCOUT introduces visibility and instrumentation for threat detection in 4G and 5G networks 23/05/2023 at 20:39 By Industry News NETSCOUT has introduced Arbor Sightline Mobile and MobileStream to answer mobile network operators’ (MNO) need for scalable, real-time visibility, detection, and mitigation of threats that can impact the performance and availability of 4G/5G mobile consumer services

React to this headline:

Loading spinner

NETSCOUT introduces visibility and instrumentation for threat detection in 4G and 5G networks Read More »

Delinea Cloud Suite updates reduce the risk of lateral movement in cybersecurity breaches

Delinea, Industry news /

Delinea Cloud Suite updates reduce the risk of lateral movement in cybersecurity breaches 23/05/2023 at 20:02 By Industry News Delinea announced the latest version of Cloud Suite, part of its Server PAM solution, which provides privileged access to and authorization for servers. Delinea Cloud Suite updates include more granular support for just-in-time (JIT) and just-enough

React to this headline:

Loading spinner

Delinea Cloud Suite updates reduce the risk of lateral movement in cybersecurity breaches Read More »

New ‘GoldenJackal’ APT Targets Middle East, South Asia Governments

APT, Asia, Cyberwarfare, spyware /

New ‘GoldenJackal’ APT Targets Middle East, South Asia Governments 23/05/2023 at 19:48 By Ionut Arghire The newly detailed GoldenJackal APT has been targeting government and diplomatic entities in the Middle East and South Asia since 2019. The post New ‘GoldenJackal’ APT Targets Middle East, South Asia Governments appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

New ‘GoldenJackal’ APT Targets Middle East, South Asia Governments Read More »

Hornetsecurity 365 Permission Manager helps companies protect critical data

Hornetsecurity, Industry news /

Hornetsecurity 365 Permission Manager helps companies protect critical data 23/05/2023 at 19:31 By Industry News Hornetsecurity launched 365 Permission Manager – a user-friendly, admin-centred solution to manage permissions, enforce compliance policies, and monitor violations within Microsoft 365 (M365). This innovative solution brings ease and order to the tracking of employee access to M365 sites, files

React to this headline:

Loading spinner

Hornetsecurity 365 Permission Manager helps companies protect critical data Read More »

GoldenJackal: New Threat Group Targeting Middle Eastern and South Asian Governments

Uncategorized /

GoldenJackal: New Threat Group Targeting Middle Eastern and South Asian Governments 23/05/2023 at 19:18 By Government and diplomatic entities in the Middle East and South Asia are the target of a new advanced persistent threat actor named GoldenJackal. Russian cybersecurity firm Kaspersky, which has been keeping tabs on the group’s activities since mid-2020, characterized the adversary as both

React to this headline:

Loading spinner

GoldenJackal: New Threat Group Targeting Middle Eastern and South Asian Governments Read More »

Red Hat Advanced Cluster Security Cloud Service scales cloud-native security across the hybrid cloud

Industry news, Red Hat /

Red Hat Advanced Cluster Security Cloud Service scales cloud-native security across the hybrid cloud 23/05/2023 at 19:04 By Industry News Red Hat Advanced Cluster Security Cloud Service brings together Kubernetes-native security capabilities with the convenience and support of a fully Red Hat-managed offering. The cloud service enables organizations to take a security-forward approach to building,

React to this headline:

Loading spinner

Red Hat Advanced Cluster Security Cloud Service scales cloud-native security across the hybrid cloud Read More »

Scroll to Top