Random but Memorable - Episode 12.4: Change Future Banter Rating with Verity Harding

How can we shape the future of AI and make sure it's used for good? We sit down with Verity Harding, author of the newly released AI Needs You: How We Can Change AI's Future and Save Our Own. 🦸‍♂️🤖 Tune in for the historical lessons we can learn from previous tech revolutions of the twentieth century – from the space race to the internet – and how they can empower us to join the conversation about AI and its possible futures.

It's Official: Cyber Insurance is No Longer Seen as a 'Safety Net'

A new report on the state of email security sheds some light on how organizations are viewing and approaching cyber insurance as they shift strategy toward being cyber resilient. The topic of cyber insurance has been covered quite a bit here on this blog. From when cyber insurance first began as a concept, to the challenges it poses for organizations looking to it as their last resort after an attack, to changes in insurance policy and law.

NPM Manifest Confusion: Six Months Later

Several months ago, Darcy Clarke, a former Staff Engineering Manager at GitHub, discovered the “Manifest Confusion” bug in the npm ecosystem. The bug was caused by the npm registry not validating whether the manifest file contained in the tarball (package.json) matches the manifest data published to the npm server. Clarke claims this to be a large threat, allowing malicious actors to deceive developers and hide harmful code from detection.

Unraveling Cyber Intrigue: Decoding the Complexities of State-Sponsored Hacking Groups

Join us as we uncover the intricate web of state-sponsored hacking groups and the hidden motivations driving their actions. Explore insights from recent revelations, including examples from China dating back to 2012-2013, where various government agencies sponsored competing hacking groups. In this eye-opening discussion, we delve into the financial motivations behind these operations and shed light on the key players pulling the strings. From government agencies vying for dominance to clandestine funding sources, the landscape of cyber intrigue is more complex than meets the eye.

7 Steps to Implement an Effective Vulnerability Management Program

When a new vulnerability is found, the race is on to either solve it or exploit it (depending on which side you’re on). But while attackers are getting faster, companies not so much. Dev teams take around 215 days to resolve a security vulnerability. The numbers are only marginally shorter when dealing with critical vulnerabilities. This delay is particularly concerning given the rise in zero-day exploits, where hackers take advantage of a security flaw before the organization even knows it exists.

From .com to .beauty: The evolving threat landscape of unwanted email

You're browsing your inbox and spot an email that looks like it's from a brand you trust. Yet, something feels off. This might be a phishing attempt, a common tactic where cybercriminals impersonate reputable entities — we've written about the top 50 most impersonated brands used in phishing attacks. One factor that can be used to help evaluate the email's legitimacy is its Top-Level Domain (TLD) — the part of the email address that comes after the last dot.

What Is a Firewall?

A firewall is a type of network security system that helps protect your network from external threats by controlling incoming and outgoing network traffic. A firewall can be either software-based or hardware-based. A hardware firewall is typically a router, which is a physical device that blocks traffic from accessing the internal network. A software firewall works similarly, but is installed on your device. For instance, the Windows Firewall comes with operating systems Windows XP SP2 and later.