Malware

AppSec Decoded: Strategies for identifying and preventing malicious code in your SDLC | Synopsys

Sep 5, 2023 By Synopsys In Synopsys

The threat of malicious packages in npm is real and requires proactive measures to mitigate the risks. Learn about the strategies developers can adopt to protect their apps.

View Video

Synopsys

Read more about AppSec Decoded: Strategies for identifying and preventing malicious code in your SDLC | Synopsys

It's not always malware

Sep 2, 2023 By Johnny Carpenter, General Manager EMEA In 11:11 Systems

Every day, cyber incidents and their subsequent downtimes seem to fill the news. These downtimes, both costly and damaging to consumer trust, have rightfully been something that CISOs and CIOs work to prevent with increasingly sophisticated security measures. But sometimes the most damaging "disasters" are the simplest.

Read Post

11:11 Systems

Read more about It's not always malware

New "Early Warning" System in the U.K. Tips Off Ransomware Targets

Sep 1, 2023 By Stu Sjouwerman In KnowBe4

British Intelligence has come up with a potentially very effective means to disrupt ransomware attacks, but there seems to still be a few kinks in the system. The phone rings at your U.K. office and it’s the U.K. government’s National Cyber Security Centre (NCSC) letting you know they’ve detected a potential cyberattack.

Read Post

KnowBe4

Read more about New "Early Warning" System in the U.K. Tips Off Ransomware Targets

Cyber Criminals Targeting Victims Through Beta-Testing Apps

Aug 31, 2023 By SecuritySenses In SecuritySenses

Cybercriminals use a variety of deceptive methods to defraud their victims. It can be challenging to keep up-to-date with the latest threats to your online security. The Federal Bureau of Investigation (FBI) has warned people about the dangers of a new threat - malicious beta-testing apps. These apps can have severe consequences for our data and finances. In this article, we'll explain how this latest attack works, the signs of a malicious app you need to be aware of, and, most importantly, what cybersecurity tools you need to protect yourself.

Read Post

SecuritySenses

Read more about Cyber Criminals Targeting Victims Through Beta-Testing Apps

Threat-Loaded: Malicious PDFs Never Go Out of Style

Aug 31, 2023 By Bernard Bautista In Trustwave

In the realm of cybersecurity, danger hides where we least expect it and threats never, ever, go out of style! Over the past few months, Trustwave SpiderLabs has seen a rising trend in threat actors employing PDF documents to gain initial access through email-borne attacks. Though the use of PDF files as a malicious vector is not a novel approach, it has become more popular as threat actors continue to experiment with techniques to bypass conventional security controls.

Read Post

Trustwave

Read more about Threat-Loaded: Malicious PDFs Never Go Out of Style

Ongoing Ransomware Campaign Against Cisco ASA VPN Appliances

Aug 31, 2023 By James Liolios In Arctic Wolf

Arctic Wolf has been tracking multiple intrusions where Cisco VPN account credentials were harnessed by Akira ransomware for initial access. In a recent Cisco PSIRT advisory, Cisco stated they were aware of reports that Akira ransomware threat actors have been targeting Cisco VPNs that are not configured for multi-factor authentication to infiltrate organizations. Our case data supports the observation that affected accounts did not have MFA enabled.

Read Post

Arctic Wolf

Read more about Ongoing Ransomware Campaign Against Cisco ASA VPN Appliances

Coffee Talk with SURGe: 2023-SEPT-05 Mudge Joins CISA, Qakbot Takedown, Infamous Chisel Malware

Aug 31, 2023 By Splunk In Splunk

Grab a cup of coffee and join Mick Baccio, Ryan Kovar and Audra Streetman for another episode of Coffee Talk with SURGe. The team from Splunk will discuss the latest security news, including: Mick and Ryan competed in a 60 second charity challenge to share their favorite hack of all time before a deep dive on extortionware vs. ransomware.

View Video

Splunk

Read more about Coffee Talk with SURGe: 2023-SEPT-05 Mudge Joins CISA, Qakbot Takedown, Infamous Chisel Malware

JUMPSEC research reveals ransomware attacks rising again

Aug 30, 2023 By Sean Moran In JUMPSEC

In the first half of 2023, UK ransomware attacks rose by 87% and by 37% globally. UK is the most targeted country outside the US and 20% of European ransomware attacks occur there. There has been increased exploitation of the financial services, insurance and IT sectors.

Read Post

JUMPSEC

Read more about JUMPSEC research reveals ransomware attacks rising again

1H 2023 Ransomware Landscape Overview

Aug 30, 2023 By Arctic Wolf In Arctic Wolf

Threat actor groups maintain dark web shame sites to negotiate ransoms with their victims, name them, and leak their data as punishment for not paying. These sites serve as a major tool for threatening victims and securing ransom payments but are not a precise record of global cyber attacks. However, there’s a lot to learn from the dark web behavior observed in the first half of this year to help contextualize the current threat landscape.

Read Post

Arctic Wolf

Read more about 1H 2023 Ransomware Landscape Overview

Harnessing the Power of Rubrik Security Cloud (RSC) Integration with ServiceNow: A Strategic Leap in Data Management

Aug 30, 2023 By Benjamin Troch In Rubrik

With the goal of achieving robust and efficient data management, one cannot overlook the prowess of Rubrik Secure Cloud (RSC), a platform encapsulating a comprehensive suite of GraphQl APIs. As many organizations trust both Rubrik and ServiceNow for their operational needs, blending these two systems creates a potent synergy.

Read Post