Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Malvertising–also called malicious advertising–is when cybercriminals use advertisements to infect devices with malware. Malvertising can appear on any advertisement you see online, you don’t necessarily have to be on a malicious website to be a victim of this cyberthreat. When a victim is exposed to a malvertisement, their device and data are at risk of being compromised, even if they don’t interact with the advertisement.

In 1991, a weather system formed off the east coast of the United States with a cold front that created a low pressure ridge to the east of Nova Scotia. At the same time, a high-pressure system extending out from the Appalachian Mountains forced the ridge first southeast and then to the west, where it encountered the remnants of Hurricane Grace, which it promptly absorbed and swelled in size as it did so.

The Knight ransomware-as-a-service offering (formerly known as “Cyclops”) is using phony TripAdvisor complaints to deliver its malware, BleepingComputer reports. “A newer version of this campaign spotted and analyzed by BleepingComputer now includes an HTML attachment named 'TripAdvisor-Complaint-.PDF.htm,’” BleepingComputer says.

In a recent panel discussion led by David Neuman, Sr. Analyst with TAG Cyber, ThreatQuotient’s Dave Krasik, Sr. Director of Product Management and Jessica Bair Oppenheimer, Director, Cisco Security Strategic Alliances shared their insights on data-driven security operations. The discussion focused on the challenges and importance of prioritizing, automating and collaborating to detect and respond to threats, and was followed by a demo of the ThreatQ Platform.

Hospitality Staffing Solutions is a short-term employment provider or temp agency that sends workers to a variety of hospitality-related organizations. Companies such as restaurants, hotels, colleges, casinos, senior living, and some light industrial establishments rely on workers provided by the company. The organization employs over 10,000 people and earns an estimated $4.3 billion in revenue annually.

As technology advances, the battle between cyber criminals and organizations intensifies. Cyber threats have become more sophisticated, complex, and widespread, posing a significant risk to the security and integrity of sensitive data. In Q1 2023 alone, the number of global cyber attacks increased by 7%, with an average of 1,248 attacks reported per week.

Today, electricity is so ubiquitous that it’s difficult to perform even basic tasks without it. But when electricity was first introduced, it took decades for broad acceptance and adoption because it was misunderstood and misused. Slowly, the benefits began to outweigh the cons. As with any innovation, there are setbacks, but electricity has overwhelmingly been a force for good. The same can be said about cybersecurity risk ratings. Are they perfect? No.

The Vitality Group, LLC, a business-to-business vendor that provides employee benefit services to GuidePoint Security, experienced a security vulnerability on May 30, 2023 relating to the third-party file transfer program called MOVEit. The zero-day vulnerability became known in established security networks and channels late on May 31, 2023, and was specifically picked up and identified by internal Vitality security personnel on June 1, 2023.

By now you’ve heard about the new cybersecurity rules from the U.S. Securities and Exchange Commission (SEC) requiring public companies to report material cybersecurity incidents and disclose critical information related to cybersecurity risk management, expertise, and governance. Companies will be required to disclose risks in their annual reports beginning on December 15, 2023.

DevSecOps best practices are increasingly being adopted to secure software supply chains. The challenge is finding ways to optimize these processes. Here are seven key considerations to help you adopt a successful and secure DevSecOps methodology.