WithSecure

How ransomware tactics are shifting, and what it means for your business

attacks, CISO, cybercrime, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, Ransomware, strategy, threats, WithSecure /

How ransomware tactics are shifting, and what it means for your business 2024-09-03 at 07:01 By Mirko Zorz In this Help Net Security interview, Tim West, Director of Threat Intelligence and Outreach at WithSecure, discusses Ransomware-as-a-Service (RaaS) with a focus on how these cybercriminal operations are adapting to increased competition, shifting structures, and a fragmented […]

React to this headline:

Loading spinner

How ransomware tactics are shifting, and what it means for your business Read More »

The changing dynamics of ransomware as law enforcement strikes

cybercrime, Don't miss, News, Ransomware, report, survey, WithSecure /

The changing dynamics of ransomware as law enforcement strikes 2024-08-23 at 06:31 By Help Net Security After peaking in late 2023, the ransomware industry is beginning to stabilize in productivity, with notable developments in ransomware targets, and industry dynamics, according to WithSecure. Sectors impacted by ransomware (Source: WithSecure) While ransomware productivity has shown signs of

React to this headline:

Loading spinner

The changing dynamics of ransomware as law enforcement strikes Read More »

Mass exploitation is the new primary attack vector for ransomware

CVE, cybersecurity, exploit, News, report, survey, WithSecure /

Mass exploitation is the new primary attack vector for ransomware 2024-06-18 at 07:01 By Help Net Security The cyber threat landscape in 2023 and 2024 has been dominated by mass exploitation, according to WithSecure. Edge service KEV vulnerability trends 64% of all edge service and infrastructure Common Vulnerabilities and Exposures (CVEs) in the Known Exploited

React to this headline:

Loading spinner

Mass exploitation is the new primary attack vector for ransomware Read More »

Expand your library with these cybersecurity books

books, cybersecurity, N2K, Stamus Networks, Video, WithSecure /

Expand your library with these cybersecurity books 2024-04-15 at 06:04 By Help Net Security In this Help Net Security video round-up, authors discuss their cybersecurity books and provide an inside look at each title. Complete videos George Finney, CSO at Southern Methodist University, talks about his book – “Project Zero Trust: A Story about a

React to this headline:

Loading spinner

Expand your library with these cybersecurity books Read More »

How exposure management elevates cyber resilience

cyber resilience, cybersecurity, Don't miss, Expert analysis, Expert corner, Features, News, opinion, risk, security controls, shadow IT, WithSecure /

How exposure management elevates cyber resilience 2024-04-09 at 07:46 By Help Net Security Attackers are adept at identifying and exploiting the most cost-effective methods of compromise, highlighting the critical need for organizations to implement asset identification and understand their assets’ security posture in relation to the whole estate. Instead of asking, “Are we exposed?” organizations

React to this headline:

Loading spinner

How exposure management elevates cyber resilience Read More »

Drozer: Open-source Android security assessment framework

Android, Application Security, Don't miss, GitHub, Hot stuff, mobile security, News, open source, penetration testing, software, WithSecure /

Drozer: Open-source Android security assessment framework 2024-03-27 at 06:32 By Mirko Zorz Drozer is an open-source security testing framework for Android, whose primary purpose is to make the life of mobile application security testers easier. Drozer features The solution enables the identification of security vulnerabilities in applications and devices by taking on the role of

React to this headline:

Loading spinner

Drozer: Open-source Android security assessment framework Read More »

Government organizations’ readiness in the face of cyber threats

Avertium, Black Kite, CivicPlus, critical infrastructure, Government, threat detection, threats, training, Video, VMWare, WithSecure /

Government organizations’ readiness in the face of cyber threats 2024-01-15 at 06:01 By Help Net Security Cyber threats targeting government organizations have become increasingly sophisticated, posing significant risks to national security, public infrastructure, and sensitive data. These threats are diverse in nature, originating from various actors such as nation-states, hacktivist groups, and organized cybercrime entities.

React to this headline:

Loading spinner

Government organizations’ readiness in the face of cyber threats Read More »

The impact of prompt injection in LLM agents

Artificial Intelligence, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, risk, WithSecure /

The impact of prompt injection in LLM agents 19/12/2023 at 08:31 By Help Net Security Prompt injection is, thus far, an unresolved challenge that poses a significant threat to Language Model (LLM) integrity. This risk is particularly alarming when LLMs are turned into agents that interact directly with the external world, utilizing tools to fetch

React to this headline:

Loading spinner

The impact of prompt injection in LLM agents Read More »

CISOs can marry security and business success

CISO, Compliance, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, strategy, WithSecure /

CISOs can marry security and business success 22/11/2023 at 08:33 By Help Net Security With an endless string of cyber fires to be put out, it’s easy to forget that the cybersecurity function in an organization doesn’t exist in a vacuum. Its main purpose is to ensure the organization succeeds, and that’s the reason CISOs

React to this headline:

Loading spinner

CISOs can marry security and business success Read More »

Researchers uncover DarkGate malware’s Vietnamese connection

cybercrime, cybercriminals, Malware, News, Remote Access Trojan, WithSecure /

Researchers uncover DarkGate malware’s Vietnamese connection 20/10/2023 at 14:02 By Help Net Security WithSecure researchers have tracked attacks using DarkGate malware to an active cluster of cybercriminals operating out of Vietnam. DarkGate is a remote access trojan (RAT) that has been used in attacks since at least 2018 and is currently available to cybercriminals as

React to this headline:

Loading spinner

Researchers uncover DarkGate malware’s Vietnamese connection Read More »

DIY attack surface management: Simple, cost-effective and actionable perimeter insights

Cloud, cybersecurity, DNS, Don't miss, Expert analysis, Expert corner, exploit, GitHub, Hot stuff, misconfiguration, News, open source, opinion, SaaS, vulnerability, web application, WithSecure /

DIY attack surface management: Simple, cost-effective and actionable perimeter insights 16/10/2023 at 11:46 By Help Net Security Modern-day attack surface management (ASM) can be an intimidating task for most organizations, with assets constantly changing due to new deployments, assets being decommissioned, and ongoing migrations to cloud providers. Assets can be created and forgotten about, only

React to this headline:

Loading spinner

DIY attack surface management: Simple, cost-effective and actionable perimeter insights Read More »

WithSecure announces new capabilities to help organizations manage security risks

Industry news, WithSecure /

WithSecure announces new capabilities to help organizations manage security risks 12/10/2023 at 17:31 By Industry News WithSecure has continued to evolve its Elements cloud-based security platform with the addition of several new capabilities and services that can help organizations manage risks associated with cyber attacks. WithSecure Elements, which can be managed by a trusted service

React to this headline:

Loading spinner

WithSecure announces new capabilities to help organizations manage security risks Read More »

Emerging threat: AI-powered social engineering

Artificial Intelligence, cybercrime, cybersecurity, deepfakes, Don't miss, Email, Europe, Expert analysis, Expert corner, extortion, Hot stuff, law, News, phishing, social engineering, WithSecure /

Emerging threat: AI-powered social engineering 06/09/2023 at 07:32 By Help Net Security Social engineering is a sophisticated form of manipulation but, thanks to AI advancements, malicious groups have gained access to highly sophisticated tools, suggesting that we might be facing more elaborate social engineering attacks in the future. It is becoming increasingly evident that the

React to this headline:

Loading spinner

Emerging threat: AI-powered social engineering Read More »

APTs use of lesser-known TTPs are no less of a headache

APT, attacks, Don't miss, Expert analysis, Expert corner, Hot stuff, Malware, opinion, strategy, WithSecure /

APTs use of lesser-known TTPs are no less of a headache 14/08/2023 at 08:32 By Help Net Security APT (advanced persistent threat) attacks were once considered to be primarily a problem for large corporations, but the number of these (often state-sponsored) attacks against small- and medium-sized businesses has increased significantly. Everyone is fair game, and

React to this headline:

Loading spinner

APTs use of lesser-known TTPs are no less of a headache Read More »

Staying ahead of the “professionals”: The service-oriented ransomware crime industry

cybercrime, cybersecurity, Expert analysis, Expert corner, Hot stuff, opinion, Ransomware, threats, WithSecure /

Staying ahead of the “professionals”: The service-oriented ransomware crime industry 12/07/2023 at 07:35 By Help Net Security Ransomware has been a hugely profitable industry for criminal gangs for the last few years. The total amount of ransom paid since 2020 is estimated to be at least $2 billion, and this has both motivated and enabled

React to this headline:

Loading spinner

Staying ahead of the “professionals”: The service-oriented ransomware crime industry Read More »

A third MOVEit vulnerability fixed, Cl0p lists victim organizations (CVE-2023-35708)

Data leak, Don't miss, extortion, file-sharing, Hot stuff, News, Progress, USA, vulnerability, WithSecure /

A third MOVEit vulnerability fixed, Cl0p lists victim organizations (CVE-2023-35708) 19/06/2023 at 15:09 By Zeljka Zorz Progress Software has asked customers to update their MOVEit Transfer installations again, to fix a third SQL injection vulnerability (CVE-2023-35708) discovered in the web application in less that a month. Previously, the Cl0p cyber extortion gang exploited CVE-2023-34362 to

React to this headline:

Loading spinner

A third MOVEit vulnerability fixed, Cl0p lists victim organizations (CVE-2023-35708) Read More »

AI: Interpreting regulation and implementing good practice

Artificial Intelligence, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, machine learning, opinion, regulation, standards, WithSecure /

AI: Interpreting regulation and implementing good practice 08/06/2023 at 08:05 By Help Net Security Businesses have been using artificial intelligence for years, and while machine learning (ML) models have often been taken from open-source repositories and built into business-specific systems, model provenance and assurance have not always necessarily been documented nor built into company policy.

React to this headline:

Loading spinner

AI: Interpreting regulation and implementing good practice Read More »

WithSecure’s USB armory enables post-quantum cryptography in space

Industry news, WithSecure /

WithSecure’s USB armory enables post-quantum cryptography in space 01/06/2023 at 19:35 By Industry News WithSecure’s USB armory is an open-sourced, single board computer with a unique form factor and capabilities. It has been used in a variety of applications, including (but not limited to) encrypted storage solutions, hardware security modules (HSM), enhanced smart cards, electronic

React to this headline:

Loading spinner

WithSecure’s USB armory enables post-quantum cryptography in space Read More »

WithSecure releases Cloud Security Posture Management to identify insecure cloud configurations

Industry news, WithSecure /

WithSecure releases Cloud Security Posture Management to identify insecure cloud configurations 23/05/2023 at 15:18 By Industry News WithSecure has released Cloud Security Posture Management, a new module for its WithSecure Elements security platform, that identifies insecure cloud configurations attackers use to compromise networks. It’s now become commonplace for organizations to incorporate cloud-based infrastructure-as-a-service (IaaS) offerings

React to this headline:

Loading spinner

WithSecure releases Cloud Security Posture Management to identify insecure cloud configurations Read More »

Prevent attackers from using legitimate tools against you

Artificial Intelligence, attacks, Don't miss, Expert analysis, Expert corner, exploit, Hot stuff, Malware, opinion, Ransomware, vulnerability, WithSecure /

Prevent attackers from using legitimate tools against you 10/05/2023 at 07:21 By Help Net Security Malicious actors are increasingly exploiting legitimate tools to accomplish their goals, which include disabling security measures, lateral movement, and transferring files. Using commonly available tools allows attackers to evade detection. While custom-built tools or malware can be flagged as malicious

React to this headline:

Loading spinner

Prevent attackers from using legitimate tools against you Read More »

Scroll to Top