Moonstone Sleet: A new North Korean threat actor 2024-05-29 at 15:46 By Zeljka Zorz Microsoft has named yet another state-aligned threat actor: Moonstone Sleet (formerly Storm-1789), which engages in cyberespionage and ransomware attacks to further goals of the North Korean regime. “Moonstone Sleet uses tactics, techniques, and procedures (TTPs) also used by other North Korean […]
Moonstone Sleet: A new North Korean threat actor Read More »
How fraudsters stole $37 million from Coinbase Pro users 2024-05-29 at 13:46 By Zeljka Zorz A convincing phishing page and some over-the-phone social engineering allowed a group of crooks to steal over $37 million from unlucky Coinbase Pro users. One of them – Chirag Tomar, a 30-year-old citizen of the Republic of India – has
How fraudsters stole $37 million from Coinbase Pro users Read More »
PoC exploits for critical FortiSIEM command execution flaws released (CVE-2024-23108, CVE-2023-34992) 2024-05-29 at 13:01 By Zeljka Zorz Horizon3.ai researches have released proof-of-concept (PoC) exploits for CVE-2024-23108 and CVE-2023-34992, vulnerabilities that allow remote, unauthenticated command execution as root on certain Fortinet FortiSIEM appliances. CVE confusion FortiSIEM helps customers build an inventory of their organization’s assets, it
Avoiding the cybersecurity blame game 2024-05-29 at 07:31 By Help Net Security Cyber risk management has many components. Those who do it well will conduct comprehensive risk assessments, enact well-documented and well-communicated processes and controls, and fully implemented monitoring and review requirements. Processes and controls typically comprise policies, which will include detailed explanations of the
Avoiding the cybersecurity blame game Read More »
RansomLord: Open-source anti-ransomware exploit tool 2024-05-29 at 07:01 By Mirko Zorz RansomLord is an open-source tool that automates the creation of PE files, which are used to exploit ransomware pre-encryption. “I created RansomLord to demonstrate ransomware is not invincible, has vulnerabilities and its developers make mistakes and can write bad code just like everyone else,”
RansomLord: Open-source anti-ransomware exploit tool Read More »
Cybersecurity jobs available right now: May 29, 2024 2024-05-29 at 06:31 By Anamarija Pogorelec Cloud Security Engineer – Secret Clearance Required Constellation West | USA | Remote – View job details As a Cloud Security Engineer, you will establish, execute, and sustain an ISSP A&A capability that ensures the security of all information technology assets,
Cybersecurity jobs available right now: May 29, 2024 Read More »
A closer look at GenAI impact on businesses 2024-05-29 at 06:01 By Help Net Security This article includes excerpts from various reports that provide statistics and insights on GenAI and its impact on businesses. CEOs accelerate GenAI adoption despite workforce resistance IBM | IBM study | May 2024 63% of CEOs say their teams have
A closer look at GenAI impact on businesses Read More »
Attackers are probing Check Point Remote Access VPN devices 2024-05-28 at 12:46 By Zeljka Zorz Attackers are trying to gain access to Check Point VPN devices via local accounts protected only by passwords, the company has warned on Monday. Their ultimate goal is to use that access to discover and pivot to other enterprise assets
Attackers are probing Check Point Remote Access VPN devices Read More »
The evolution of security metrics for NIST CSF 2.0 2024-05-28 at 08:03 By Help Net Security CISOs have long been spreadsheet aficionados, soaking up metrics and using them as KPIs for security progress. These metrics have traditionally measured specific systems or single indicators — vulnerabilities detected, percentage of vulnerabilities patched, software and hardware asset inventory
The evolution of security metrics for NIST CSF 2.0 Read More »
How to combat alert fatigue in cybersecurity 2024-05-28 at 07:31 By Mirko Zorz In this Help Net Security interview, Ken Gramley, CEO at Stamus Networks, discusses the primary causes of alert fatigue in cybersecurity and DevOps environments. Alert fatigue results from the overwhelming volume of event data generated by security tools, the prevalence of false
How to combat alert fatigue in cybersecurity Read More »
Widespread data silos slow down security response times 2024-05-28 at 06:31 By Help Net Security Although the goals and challenges of IT and security professionals intersect, 72% report security data and IT data are siloed in their organization, which contributes to corporate misalignment and elevated security risk, according to Ivanti. Leadership plays a crucial role
Widespread data silos slow down security response times Read More »
34% of organizations lack cloud cybersecurity skills 2024-05-28 at 06:01 By Help Net Security Incident response today is too time consuming and manual, leaving organizations vulnerable to damage due to their inability to efficiently investigate and respond to identified threats, according to Cado Security. The incident response challenge is further complicated as enterprises rapidly deploy
34% of organizations lack cloud cybersecurity skills Read More »
Human error still perceived as the Achilles’ heel of cybersecurity 2024-05-27 at 07:31 By Help Net Security While fears of cyber attacks continue to rise, CISOs demonstrate increasing confidence in their ability to defend against these threats, reflecting a significant shift in the cybersecurity landscape, according to Proofpoint. CISOs’ confidence is growing despite fear of
Human error still perceived as the Achilles’ heel of cybersecurity Read More »
Chronon: Open-source data platform for AI/ML applications 2024-05-27 at 07:01 By Mirko Zorz Chronon is an open-source, end-to-end feature platform designed for machine learning (ML) teams to build, deploy, manage, and monitor data pipelines for machine learning. Chronon enables you to harness all the data within your organization, including batch tables, event streams, and services,
Chronon: Open-source data platform for AI/ML applications Read More »
Digital ID adoption: Implementation and security concerns 2024-05-27 at 06:31 By Help Net Security As digital transformation accelerates, understanding how businesses are preparing for and implementing digital ID technologies is crucial for staying ahead in security and efficiency, according to Regula. The role of digital identity in efficiency and services security Digital identity is considered
Digital ID adoption: Implementation and security concerns Read More »
Week in review: Google fixes yet another Chrome zero-day exploit, YouTube as a cybercrime channel 2024-05-26 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Google fixes yet another Chrome zero-day exploited in the wild (CVE-2024-5274) For the eighth time this year, Google
US retailers under attack by gift card-thieving cyber gang 2024-05-24 at 14:01 By Zeljka Zorz Earlier this month, the FBI published a private industry notification about Storm-0539 (aka Atlas Lion), a Morocco-based cyber criminal group that specializes in compromising retailers and creating fraudulent gift cards. Microsoft then went more in-dept on the group’s tactics, techniques,
US retailers under attack by gift card-thieving cyber gang Read More »
Google fixes yet another Chrome zero-day exploited in the wild (CVE-2024-5274) 2024-05-24 at 10:46 By Zeljka Zorz For the eighth time this year, Google has released an emergency update for its Chrome browser that fixes a zero-day vulnerability (CVE-2024-5274) with an in-the-wild exploit. About CVE-2024-5274 As per usual, Google keeps technical details of the vulnerability
Google fixes yet another Chrome zero-day exploited in the wild (CVE-2024-5274) Read More »
Product showcase: Alert – Data breach detector for your email, credit card, and ID 2024-05-24 at 08:31 By Help Net Security Compared to the last quarter of 2023, data breaches rose from 81M to 435M in Q1 2024. That’s a 5-fold increase in just a few months. One of the most common ways data breaches
Product showcase: Alert – Data breach detector for your email, credit card, and ID Read More »
Fail2Ban: Ban hosts that cause multiple authentication errors 2024-05-24 at 08:02 By Mirko Zorz Fail2Ban is an open-source tool that monitors log files, such as /var/log/auth.log, and blocks IP addresses that exhibit repeated failed login attempts. It does this by updating system firewall rules to reject new connections from those IP addresses for a configurable
Fail2Ban: Ban hosts that cause multiple authentication errors Read More »