Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Brian Krebs wrote: "A number of Discord communities focused on cryptocurrency have been hacked this past month after their administrators were tricked into running malicious Javascript code disguised as a Web browser bookmark. "According to interviews with victims, several of the attacks began with an interview request from someone posing as a reporter for a crypto-focused news outlet online.

As audio deepfake technology continues to go mainstream as part of the evolution in AI-based tools, new data shows there are plenty of victims and they aren’t prepared for such an attack. Imagine you get a call from your child or grandchild telling you they’re in some kind of trouble, an accident, etc. and need money. And it really does sound like them. Would you help? Scammers who are making use of AI to synthesize sound-alike voices as part of vishing scam calls are hoping you will.

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has identified and designated Mikhail Matveev for his role in ransomware attacks back 2021. When the U.S. sanctions a country, a business, or a group, the intent is to A) confiscate any and all property owned by the designee within the U.S. or in the possession of a U.S. person, and B) add the designee to the Specially Designated Nationals and Blocked Persons (SDN) List.

The PHP community came together in Chicago for php 2023, sharing best practices and the latest updates from the language and frameworks that run over 77% of the internet.

According to independent research conducted for the Egress Data Loss Prevention Report, 85% of employees are sending more emails than ever before and 80% of are using email to share sensitive data with clients and colleagues. To ensure users can be productive, Microsoft has continued to evolve Outlook to provide a richer and more integrated email experience for end users, adding functionality like autocomplete, clutter, and message access via the reading pane.

The theft of users’ credentials is a growing industry. The market for compromised credentials is vast and has huge potential due to: These factors have created a lucrative market for cybercriminals who are able to steal credentials and sell them on the black market. The stolen credentials can then be used to access personal and financial information, commit identity theft, or launch other cyberattacks.

The AWS cloud platform is one of the most used cloud platforms in the world. It gives companies a level of flexibility with its myriad of uses but it is not without its own challenges, namely, maintaining security.

We all know that cyberattacks in the public sector are mounting. Over 100 state and municipal governments and dozens of school districts were compromised by ransomware last year. And geopolitical tensions will only embolden both state-linked and financially motivated threat actors going forward. These are uneasy times for cybersecurity leaders at these government and education sector entities. But help is at hand.

The cybersecurity landscape is witnessing a phenomenon that has come to be known as the “Great Resignation” among Chief Information Security Officers (CISOs). The challenges faced by CISOs in coping with ever-increasing regulations, compliance mandates, and the need for skilled resources have reached a tipping point. Coupled with a lack of cooperation from the C-suite, these factors have led to a surge in burnout among CISOs.

Supply chain security has been a top concern for risk management leaders ever since the high-profile attacks to SolarWinds and Log4j took place. While there's no one-size-fits-all way to identify, assess, and manage cyber risks in the supply chain, MITRE's System of Trust Framework offers a comprehensive, consistent, and repeatable methodology for evaluating suppliers, supplies, and service providers alike.