More PyPI packages hacked following phishing attack
Package maintainers gave away login credentials, which were then used to taint packages with malicious code......»»
Thrive Incident Response & Remediation helps organizations contain and remove threats
Thrive launched Thrive Incident Response & Remediation, an on-demand cybersecurity response service to contain and remove threats, along with engineering assistance to rebuild and restore critical systems. Phishing, ransomware and other cyberattacks.....»»
Image-based phishing tactics evolve
While 70% of organizations feel their current security stacks are effective against image-based and QR code phishing attacks, 76% were still compromised in the last 12 months, according to IRONSCALES and Osterman Research. IT pros are highly aware of.....»»
Security Bite: Hackers breach CISA, forcing the agency to take some systems offline
The Cybersecurity and Infrastructure Security Agency (CISA) says two systems were hacked in February through vulnerabilities in Ivanti products. In response, the agency had to shut down both systems, which reportedly had critical ties to U.S. infrast.....»»
Week in review: Attackers use phishing emails to steal NTLM hashes, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: What organizations need to know about the Digital Operational Resilience Act (DORA) In this Help Net Security interview, Kris Lovejoy, Global Securi.....»»
Attack wrangles thousands of web users into a password-cracking botnet
Ongoing attack targeting thousands of sites, continues to grow. Attackers have transformed hundreds of hacked sites running WordPress software into command-and-control servers that force vi.....»»
Skybox 13.2 empowers organizations to identify and remediate vulnerabilities
Skybox Security announced Skybox 13.2, introducing enhancements to its Vulnerability and Threat Management solution. These updates mark a significant milestone in vulnerability prioritization and attack surface management, empowering organizations wi.....»»
Elon Musk’s German Tesla plant suffers close to $1 billion in damages after attack by the ‘dumbest eco-terrorists on Earth’
IONIX Exposure Validation identifies and prioritizes exploitable vulnerabilities
IONIX announced a significant extension to its Attack Surface Management (ASM) platform, Automated Exposure Validation. Customers of IONIX can now benefit from Exposure Validation capabilities for continuous exploitability testing on production envir.....»»
Yemen faces "environmental disaster" as sunken ship threatens Red Sea
The sinking of a bulk carrier off Yemen after a Huthi missile attack poses grave environmental risks as thousands of tonnes of fertilizer threaten to spill into the Red Sea, officials and experts warn......»»
Tesla halts production at German plant after suspected arson nearby
Tesla's plant near Berlin was left without electricity after a suspected arson attack caused a major power outage......»»
Your American Express credit card info may have been hacked
American Express confirmed card member's account information might have been exposed in a recent breach involving third-party payment-processing hardware......»»
Securing software repositories leads to better OSS security
Malicious software packages are found on public software repositories such as GitHub, PyPI and the npm registry seemingly every day. Attackers use a number of tricks to fool developers or systems into downloading them, or they simply compromise the p.....»»
Phishers target FCC, crypto holders via fake Okta SSO pages
A new phishing campaign is using fake Okta single sign-on (SSO) pages for the Federal Communications Commission (FCC) and for various cryptocurrency platforms to target users and employees, Lookout researchers have discovered. The phishing campaign B.....»»
Akamai App & API Protector enhancements detect and mitigate short DDoS attack bursts
Akamai announced significant additions to its flagship Akamai App & API Protector product, including advanced defenses against sophisticated application-layer distributed denial-of-service (DDoS) attacks. The enhanced Layer 7 DDoS protections now pre.....»»
95% believe LLMs making phishing detection more challenging
More than 95% of responding IT and security professionals believe social engineering attacks have become more sophisticated in the last year, according to LastPass. Recent AI advancements, particularly generative AI, have empowered cybercriminals to.....»»
US prescription market hamstrung for 9 days (so far) by ransomware attack
Patients having trouble getting lifesaving meds have the AlphV crime group to thank. Nine days after a Russian-speaking ransomware syndicate took down the biggest US health care payment pro.....»»
3D printer users say their devices were hacked to warn of a security flaw
A benevolent hacker is warning of a 3D printer vulnerability and asking the company to make the printer open source......»»
BobTheSmuggler: Open-source tool for undetectable payload delivery
BobTheSmuggler is an open-source tool designed to easily compress, encrypt, and securely transport your payload. It basically enables you to hide a payload in plain sight. BobTheSmuggler is helpful in phishing campaign assessments, data exfiltration.....»»
The CISO’s guide to reducing the SaaS attack surface
SaaS sprawl introduces security risks, operational headaches, and eye-popping subscription costs. Download this guide to learn how to implement a strategic approach to reducing your SaaS attack surface without slowing down the business. Inside the gu.....»»
Vishing, smishing, and phishing attacks skyrocket 1,265% post-ChatGPT
76% of enterprises lack sufficient voice and messaging fraud protection as AI-powered vishing and smishing skyrocket following the launch of ChatGPT, according to Enea. Enterprises report significant losses from mobile fraud 61% of enterprises still.....»»