Lazarus Attack on Spanish Aerospace Company Started with Messages from Phony Meta Recruiters

A recent attack on an undisclosed Spanish aerospace company all started with messages to the company's employees that appeared to be coming from Meta recruiters, via LinkedIn Messaging. ESET researchers uncovered the attack and attributed it to the Lazarus group, particularly a campaign dubbed Operation DreamJob. This campaign by the Lazarus group was aimed at defense and aerospace companies with the goal of carrying out cyberespionage.

MOVEit Hackers Intercept Data and SSNs from Nuance Communications

Nuance Communications is a Microsoft-owned software solutions provider employing more than 6,500 people. Nuance controls industry-defining AI, which professionals may use to fully automate tasks, such as entering and manipulating medical records. Many of Nuance’s clients are hospitals, clinics, and health centers in the southeast of the US; those who have received medical services in these areas are now at risk following the most recent MOVEit data breach.

Cyber Threat Modelling

Do you model Cyber Threats, depict likely attack scenarios via Attack Trees and provide those findings back in a succinct manner to those responsible for the risk(s)? Surely that’s for the proviso of large companies, with big budgets and oodles of staff? I hear you say… Perhaps, but any organisation large or small can start to model their Cyber Threats. Why?

How to Discover and Secure Open Port Vulnerabilities

Open port vulnerabilities pose a significant security risk to your organization. If left exposed, ports are a gateway for hackers to breach your network and steal your data. But what are open ports, why are they a security risk, and what can you do to close open port vulnerabilities? Let’s answer your open port questions.

Self-Awareness and Cognitive Fitness to Increase Performance

Bec McKeown discusses the importance of cognitive fitness, which involves agile thinking and cognitive techniques for decision-making. She emphasizes the significance of self-awareness, recognizing one's strengths, weaknesses, and development needs. In a team, this self-awareness helps individuals focus on their strengths and collaborate effectively, acknowledging that nobody excels in everything. The challenge lies in fostering interest in self-awareness among people.

Human Psychology on Immediate Threats | Bec McKeown

Bec McKeown explains how the brain prioritizes immediate threats by filtering out irrelevant information. She discusses how various situations, such as sudden realizations or encountering a ransomware attack, trigger physiological reactions like palpitations, sweating, and a sense of dread. Bec McKeown also mentions how during intense moments like a car accident, the brain's cognitive processes make time seem to slow down as it focuses solely on the threat, excluding all other details. This phenomenon is referred to as cognitive narrowing.

2023 OWASP Top-10 Series: API10:2023 Unsafe Consumption of APIs

Welcome to the 11th post in our weekly series on the new 2023 OWASP API Security Top-10 list, with a particular focus on security practitioners. This post will focus on API10:2023 Unsafe Consumption of APIs. In this series we are taking an in-depth look at each category – the details, the impact and what you can do about it.