Obrela's latest Digital Universe report reveals shift to stealthier, more sophisticated attacks
Brute force attacks surge, fileless techniques rise and attackers evolve toward stealth and scale.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
From GrimResource to PureLogs Stealer: Dissecting a Recent Attack
BlueVoyant’s Threat Fusion Cell (TFC) and Security Operations Center (SOC) researchers have uncovered a recent cyber campaign featuring a unique twist on fake browser updates. This attack leveraged the GrimResource vulnerability and delivered the PureLogs stealer malware to targeted environments through disguised Microsoft Management Console (MSC) files.
Preventing Cyber Attacks Against HR Teams
HR teams manage some of the most sensitive data in your organization. Watch this video to learn how Keeper protects HR departments from cyber threats and helps secure employee data at every level.
Beware the Sandworm: The Shai-Hulud Attack Explained
A new and dangerous self-replicating worm has been identified targeting the JavaScript repository NPM, infecting at least 187 code packages. The novel malware strain is engineered to steal credentials from developers and publish them to a new public GitHub repository. The worm automatically propagates itself by copying its code into the top 20 most popular packages maintained by the compromised user and publishing them as new versions.
Is your VPN a silent entry point for attackers?
Is your VPN a silent entry point for attackers? Credential stuffing and password spraying exploit weak authentication, giving attackers a way into VPNs and edge network devices — making them prime targets in today’s identity-driven threat landscape. In this snippet, our expert breaks down: Watch the full webinar: Adapting to a New Paradigm in Security – Implementing ITDR in Your SOC: netwrix.com/go/adapting-to-a-new-paradigm-in-security-yt.
NPM Ecosystem Under Siege: Self-Propagating Malware Compromises 187 Packages in a Huge Supply Chain Attack
The NPM ecosystem has been rocked by one of its widest supply chain attacks to date, with over 187 popular packages compromised by advanced malware capable of self-propagation and automated credential harvesting. This attack, affecting packages with millions of weekly downloads including angulartics2, ngx-toastr, and @ctrl/tinycolor, demonstrates how cybercriminals are evolving their tactics to create “worm-like” malware that can autonomously spread across the software supply chain.
Shai-Hulud: A Persistent Secret Leaking Campaign
On September 15, a new supply chain attack was identified that targeted the @ctrl/tinycolor and 150 other NPM packages. The attack scenario was similar to the one used in the s1ngularity and GhostActions campaigns. The threat actors combined a local environment secrets extraction with a malicious GitHub actions workflow injection in accessible projects. The compromised packages' structure has been detailed in blog posts by socket.dev and StepSecurity.
Why DFIR: A Guide to Digital Forensics and Incident Response Services and Retainers
No organization likes to contemplate being successfully hit with a cyberattack, but turning a blind eye to the possibility is the exact wrong thing to do. Digital Forensics and Incident Response (DFIR) planning and retainers, like car, home, and health insurance, are a necessity in case the unthinkable happens.
Zero-day Extensive NPM Package Compromise - Shai Hulud Supply Chain Attack
This is an ongoing incident and updates will be provided as more information is confirmed.
Tales from the fraud frontlines: The growing threat of DDoS attacks - and how to prevent them
Picture this: It’s a busy weekday afternoon and your online payment platform is humming with activity. Suddenly, everything slows down. Customers complain that transactions are failing, your website goes offline, and your team scrambles to figure out what’s happening. The culprit? A Distributed Denial of Service (DDoS) attack.