Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Astaroth trojan uses GitHub to host malware configurations, TA585 delivers MonsterV2 malware in phishing campaigns, and threat actors exploit Microsoft’s logo in tech support scams.

Threat actors are abusing X’s generative AI bot Grok to spread phishing links, according to researchers at ESET. The attackers achieve this by tricking Grok into thinking it’s answering a question, and providing a link in its answer. “In this attack campaign, threat actors circumvent X’s ban on links in promoted posts (designed to fight malvertising) by running video card posts featuring clickbait videos,” ESET says.

In the high-stakes world of financial services, trust is the cornerstone of every client relationship. But here's the challenge that keeps financial leaders up at night: how do you maintain the stringent security clients demand while delivering the rapid response they expect? It's a delicate balancing act that has become increasingly complex in our digital-first world. The reality is stark. A data breach can trigger a mass exodus, with 33% of clients saying they'd switch providers after a data incident.

Cybernews warns that threat actors will likely take advantage of the recent AWS outage to launch phishing attacks against affected users. Attackers frequently exploit high-profile events to carry out social engineering attacks while people are confused or stressed, as these users are more likely to act without careful consideration.

With the shifting economic landscapes and unforeseen disruptions, global supply chains are being tested like never before. Businesses across various industries are recognizing that robust risk management isn’t just an operational requirement; it’s a strategic imperative. From sudden geopolitical changes to natural disasters and digital threats, the challenges facing supply chains demand proactive measures and flexible strategies.