Calling all network defenders: Flag or block the unapproved use of legitimate cloud services in your enterprise, since malware-wielding nation-state attackers and cybercrime groups are both using them to hide their malicious activities, researchers warn.
North Korea is on track to have a middling year of cryptocurrency theft despite Pyongyang's constant demand for ready cash. Hackers deployed by the totalitarian regime have stolen $200 million in cryptocurrency this year, far less than the country's banner year of cryptocurrency theft in 2022.
While consolidating third-party risks into one document is important, it is equally vital to introduce artificial intelligence into various elements of your third-party risk management program, said Jonathan Pineda, CISO and DPO at the Government Service Insurance System in the Philippines.
In this episode of CyberEd.io's podcast series "Cybersecurity Insights," Oliver Tavakoli, CTO at Vectra AI, discusses ways that discriminative AI technology can filter out all of the noise from the massive volume of alerts from a portfolio of cybersecurity tools.
Palo Alto Networks edged out Versa Networks, Cato Networks and firewall rival Fortinet for the top spot in Forrester's first-ever secure access service edge rankings. Leading providers have over the past 18 months built or bought both the networking and security pieces of SASE, Forrester found.
Researchers say a proxy service is routing internet traffic through unsuspecting users' systems that it turns into residential exit nodes, luring them into downloading the proxy application through offers of cracked software and games. Antivirus engines don't detect the application.
This week's roundup of digital assets-related cybersecurity incidents includes Argentina's investigation into WorldCoin; hackers' exploitation of Libbitcoin; Zunami and RocketSwap; Curve Finance's compensation plans for hack victims; the FBI's $1.7 million forfeiture; and X's crypto scam problem.
This week, Raccoon Stealer returned, hackers used QR codes, Belarus ISPs were used to spy on diplomats, Geico reported a MOVEit breach, an Israeli hospital dealt with ransomware extortion, Clorox took systems offline after an attack, and researchers found flaws in AudioCodes phones and Zoom's ZTP.
The federal agency that enforces HIPAA is heavily focused on investigations of potential violations involving online tracking tools in healthcare websites that impermissibly transmit sensitive patient information to third parties, said Susan Rhodes of the Department of Health and Human Services.
The Play ransomware group is targeting security managed service providers to gain initial access and using up to a half-decade-old vulnerabilities in security appliances, warn security researchers with Adlumin. The gang is also using intermittent encryption in a bid to avoid setting off defenses.
Hackers wielding generative artificial intelligence tools have yet to pose a serious cybersecurity risk, say researchers at Google's threat intelligence group Mandiant, as they sound the alarm instead about a rise in information operations featuring AI-generated fake images and video.
Various "dark" generative artificial intelligence tools purportedly help criminals more quickly amass victims. Guess what? They've all gone bust, if they weren't simply outright scams - in part because legitimate tools can be "jailbroken" to achieve similar results. What are they really achieving?
A federal judge issued a tentative order allowing plaintiffs to continue suing social media giant Meta for allegedly intercepting sensitive health data through its web tracking Pixel tool embedded into patient portals and scheduling apps. Meta attorneys had sought to have the lawsuit dismissed.
Ransomware and other cyberthreats stemming from overseas actors surged last year in Germany, causing losses worth billions of euros, the country's federal police said. While domestic cybercrime decreased by 6.5% in comparison to 2021, they said, crimes committed by foreign actors increased by 8%.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.co.uk, you agree to our use of cookies.