Finding the perfect cybersecurity SaaS solution can be difficult considering the numerous factors that must be considered, such as the industry your organization operates in, the number of vendors your organization manages, the budget available to find a suitable security solution, and the specific use cases for your organization. Part of the selection process is to trial many different products so you can compare multiple services and find the best solution for your organization’s needs.

Read also: BreachForum’s admin pleads guilty to three charges, Genesis Market gets a new owner, and more.

Cisco Talos discovered a troubling revelation. Threat actors have seized upon a cunning Windows policy loophole, exploiting it to their advantage. This loophole allows them to sign and load cross-signed kernel mode drivers with signature timestamps. These malicious actors have cunningly embraced open-source tools’ power, manipulating kernel mode drivers’ signing date. They aim to introduce a horde of unverified and malevolent drivers with expired certificates.

Microsoft's security team has recently made a significant discovery regarding an increase in cyber-attacks orchestrated by the Russian state-backed group known as the Midnight Blizzard crew. This group, which also operates under the aliases Nobelium, APT29, Cozy Bear, Iron Hemlock, and The Dukes, has been actively targeting personal credentials, according to Microsoft's findings. The Midnight Blizzard hackers employ residential proxy services to conceal the source IP addresses of their attacks.

Human error is a major contributing factor to company data breaches. More than 340 million people may already have been affected by a data breach in the first four months of 2023. With cybercrime rates soaring around the world, it’s clearly an area where investment and expertise are required.

An X.509 certificate holds immense significance in digital security, functioning as a digital certificate conforming to the universally accepted ITU X.509 standard. This standard defines the structure and format of public critical infrastructure certificates. X.509 certificates play a vital role in managing identity and ensuring security. The strength of X.509 certificates lies in their underlying architecture, which utilizes a key pair composed of a public key and a private key.

We're all familiar with tech support scams - where the unwary are tricked into granting remote access to their computers by fraudsters, in the belief that the "tech support person" will fix a non-existent "problem" (such as a "virus infection") or make a refund after claiming that there has been fraudulent activity detected on an account.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. A basic a security failure. Pretty damaging to them as well as their users…

Today we’re excited to announce Cloudflare’s partnership with Jamf to extend Cloudflare’s Zero Trust Solutions to Jamf customers. This unique offering will enable Jamf customers to easily implement network Data Loss Prevention (DLP), Remote Browser Isolation (RBI), and SaaS Tenancy Controls from Cloudflare to prevent sensitive data loss from their Apple devices.

Six months ago, the question, “Which is your preferred AI?” would have sounded ridiculous. Today, a day doesn’t go by without hearing about “ChatGPT” or “Bard.” LLMs (Large Language Models) have been the main topic of discussions ever since the introduction of ChatGPT. So, which is the best LLM? The answer may be found in a surprising source – the dark web. Threat actors have been debating and arguing as to which LLM best fits their specific needs.