%term

Advanced Banking Trojan Maverick Uses WhatsApp to Prey on Brazilian Users

Oct 7, 2025 By Joshua Green and Thomas Elkins In BlueVoyant

The BlueVoyant Security Operations Center (SOC) and Threat Fusion Cell (TFC) researchers recently analyzed attacks of an adversary targeting users based in Brazil via WhatsApp. The attack lures users into downloading a zip archive. The zip archive contains a shortcut file (.lnk) which ultimately downloads and executes a banking trojan which BlueVoyant researchers have dubbed Maverick internally based off the naming convention used by the attackers.

Read Post

BlueVoyant

Read more about Advanced Banking Trojan Maverick Uses WhatsApp to Prey on Brazilian Users

WP.29 and Beyond: Global Trends in Automotive IoT Cybersecurity 2025

Oct 7, 2025 By Louise José In Device Authority

The automotive industry is undergoing a historic transformation. As vehicles become increasingly connected, autonomous, and software-defined—including the rise of connected cars, autonomous vehicles, and advanced driver assistance systems—cybersecurity has shifted from a technical afterthought to a regulatory requirement. At the heart of this transformation lies UN Regulation No.

Read Post

Device Authority

Read more about WP.29 and Beyond: Global Trends in Automotive IoT Cybersecurity 2025

Facing the Storm: Navigating the Complex Challenges of Bot Threats in Web Application and API Security

Oct 7, 2025 By Dora Miranda In LevelBlue

Picture your online shopping site overwhelmed with fake orders, your customer accounts being drained one after another, or your essential APIs flooded by an endless wave of automated attacks. This is the reality businesses face today—thanks to a fully automated army of cyber criminals determined to cause harm. In this digital bot invasion, businesses of all kinds are under urgent pressure to establish defenses that effectively fight this digital threat.

Read Post

LevelBlue

Read more about Facing the Storm: Navigating the Complex Challenges of Bot Threats in Web Application and API Security

Iframe Payment Security Risks and PCI DSS 6.4.3 Best Practices

Oct 7, 2025 By Feroot In Feroot

Many teams assume that embedding payment forms in an iframe keeps them compliant with PCI DSS 4.0.1, Requirement 6.4.3. The reasoning sounds logical – compliance seems guaranteed if card data never reaches your infrastructure. However, iframe payment security PCI DSS 6.4.3 doesn’t work on assumptions; it works on control. The responsibility shifts to new layers of your website’s supply chain.

Read Post

Feroot

Read more about Iframe Payment Security Risks and PCI DSS 6.4.3 Best Practices

AI-Generated Attacks: What are They and How to Avoid Them?

Oct 7, 2025 By Chaitali Avadhani In miniOrange

AI-generated attacks, such as social engineering, phishing, deepfakes, malicious GPTs, data poisoning, and more, are disrupting the current security landscape speedily. But there are ways to avoid them and strengthen our defences with miniOrange IAM solutions.

Read Post

miniOrange

Read more about AI-Generated Attacks: What are They and How to Avoid Them?

Red Hat Targeted in Massive Data Leak After Scattered LAPSUS$ Hunters Joins Forces with Crimson Collective

Oct 7, 2025 By Foresiet In Foresiet

Researchers at Foresiet are actively investigating a major data leak targeting Red Hat, following claims made by Scattered LAPSUS$ Hunters, who have reportedly joined forces with the Crimson Collective, following claims made by the Scattered LAPSUS$ Hunters, who have reportedly teamed up with the Crimson Collective.

Read Post

Foresiet

Read more about Red Hat Targeted in Massive Data Leak After Scattered LAPSUS$ Hunters Joins Forces with Crimson Collective

Just Enough Access (JEA): A Must-Have Cybersecurity Principle

Oct 7, 2025 By Chaitali Avadhani In miniOrange

Stop giving too much access and start securing smarter. Just Enough Access(JEA) limits privileges to what’s needed, keeping your data safe and teams productive.

Read Post

miniOrange

Read more about Just Enough Access (JEA): A Must-Have Cybersecurity Principle

Master export control regulations for 2025: Effortless compliance strategies

Oct 7, 2025 By Shweta Dhole In TrustCloud

When considering the interconnected global economy, navigating export control regulations is more critical than ever for businesses involved in international trade. These regulations are designed to protect national security, support foreign policy objectives, and prevent sensitive technologies from falling into the wrong hands. However, the increasing complexity of these rules, combined with evolving geopolitical landscapes, can make compliance challenging.

Read Post

TrustCloud

Read more about Master export control regulations for 2025: Effortless compliance strategies

How Exabeam Detects LLM Abuse for Google Cloud Model Armor

Oct 7, 2025 By Exabeam In Exabeam

In this demo, see how the Exabeam New-Scale Security Operations Platform integrates with Google Cloud Model Armor to detect and stop abuse of large language models (LLMs). You’ll learn how Exabeam: Monitors AI activity for suspicious or malicious behavior Uses advanced analytics to spot LLM misuse in real time Helps security teams enforce responsible AI use policies Watch how Exabeam and Google Cloud work together to provide stronger visibility, detection, and protection against emerging threats targeting LLMs.

View Video

Exabeam

Read more about How Exabeam Detects LLM Abuse for Google Cloud Model Armor

Faster, Smarter, Autonomous: Cloud Security with Wiz + Torq

Oct 7, 2025 By Bob Boyle In Torq

Torq AMP spotlights the partners redefining what’s possible in security operations. Each partner brings a unique strength that seamlessly extends Torq’s autonomous SOC platform. Together, these partnerships help SOC teams achieve speed, accuracy, and scale that were once out of reach. Explore the future of SOC in the AMP’d Sessions video series. Cloud has changed everything: how we build, how we deploy, and how attackers strike.

Read Post