Collaborate Disseminate
North Korean state-sponsored hackers – Jumpy Pisces, aka Andariel, aka Onyx Sleet – have been spotted burrowing into enterprise systems, then seemingly handing matters over to the Play ransomware group. Timeline of the attack (Source: Palo … Continue reading North Korean hackers pave the way for Play ransomware
Yet again, connected devices are in the news for all the wrong reasons. In October, security researchers found that robot vacuums from Chinese company, Ecovacs, can be compromised via a backdoor. In one case, hackers gained control over the device and … Continue reading IoT needs more respect for its consumers, creations, and itself
In this Help Net Security interview, Lior Div, CEO at Seven AI, discusses the concept of agentic AI and its application in cybersecurity. He explains how it differs from traditional automated security systems by offering greater autonomy and decision-m… Continue reading How agentic AI handles the speed and volume of modern threats
A recent Vectra AI report highlights a growing distrust of threat detection tools. 47% of respondents note they do not trust their tools to work the way they need them to. Moreover, 60% of SOC practitioners say security vendors flood them with pointles… Continue reading Why cyber tools fail SOC teams
A threat actor – or possibly several – has hit approximately 22,000 vulnerable instances of CyberPanel and encrypted files on the servers running it with the PSAUX and other ransomware. The PSAUX ransom note (Source: LeakIX) The CyberPanel … Continue reading Ransomware hits web hosting servers via vulnerable CyberPanel instances
With the proliferation of APIs, and the speed at which AI functionality is helping fuel innovation, a strategic approach for securing APIs is no longer a nice to have, it’s a criticality. Without a proactive approach, your APIs could become easy target… Continue reading Product showcase: Shift API security left with StackHawk
Midnight Blizzard – a cyber espionage group that has been linked to the Russian Foreign Intelligence Service (SVR) – is targeting government, academia, defense, and NGO workers with phishing emails containing a signed Remote Desktop Protoco… Continue reading Russian hackers deliver malicious RDP configuration files to thousands
Cybersecurity is an overly reactive industry. Too often we act like firefighters, rushing from blaze to blaze, extinguishing flames hoping to keep the damage to a minimum, rather than fire suppression experts designing environments that refuse to burn…. Continue reading Risk hunting: A proactive approach to cyber threats
In this Help Net Security interview, Carla Roncato, VP of Identity at WatchGuard Technologies, discusses how companies can balance privacy, security, and usability in digital identity systems. She emphasizes modern techniques like biometrics and passke… Continue reading Simplifying decentralized identity systems for everyday use
The identity of a suspected developer and administrator of the Redline malware-as-a-service operation has been revealed: Russian national Maxim Rudometov. Infrastructure takedown As promised on Monday when they announced the disruption of the Redline a… Continue reading US charges suspected Redline infostealer developer, admin