2024-09-08
Headlines

Category: Identity & Access

The Shifting Landscape of Cyber Threats: Unveiling the Modified Open Source 'SapphireStealer' Information Stealerwordpress,cyberthreats,informationstealer,opensource,SapphireStealer

The Shifting Landscape of Cyber Threats: Unveiling the Modified Open Source ‘SapphireStealer’ Information Stealer

Reynolds Alex07 mins

Multiple Threat Actors Adopt and Modify Open Source ‘SapphireStealer‘ Information Stealer Risk of Open Source Malware Recently, Cisco’s Talos security researchers have reported that multiple threat actors have adopted and modified the SapphireStealer information stealer after its source code was released on GitHub. This highlights the risks associated with the open-source nature of software development…

Read More
Malicious npm Packages: A Growing Threat to Developer's Source Code Securitynpmpackages,sourcecodesecurity,maliciouspackages,developertools,softwarevulnerabilities,codeintegrity,packagemanagement,cybersecurity,codeanalysis,softwaredevelopment,open-sourcesoftware,codeauditing,packagedependencies,codereview,softwaretesting

Malicious npm Packages: A Growing Threat to Developer’s Source Code Security

Emma Thompson014 mins

Leveraging Business Data to Enhance AI/ML Threat Detection Introduction In today’s digital landscape, organizations are increasingly relying on artificial intelligence (AI) and machine learning (ML) to detect and combat cyber threats. Data plays a critical role in the effectiveness of these technologies, and businesses must ensure its quality and integrity to amplify threat detection capabilities….

Read More
How to Successfully Navigate the Intersection of AI and IAM: Insights from Cydereswordpress,AI,IAM,Cyderes,intersection,insights

How to Successfully Navigate the Intersection of AI and IAM: Insights from Cyderes

Patel Maya010 mins

The Weaponization of Artificial Intelligence and the Importance of Internet Security Introduction The rapid advancements in artificial intelligence (AI) technology have brought about many benefits, but they have also opened up new avenues for malicious actors to exploit. As John Ayers and Mike Wyatt discuss in their insightful presentation, AI has already been weaponized against…

Read More
Can Fastly's New Certainly CA Transform the Security Landscape? New Title: Examining Fastly's Groundbreaking Launch of Certainly CAwordpress,Fastly,CertainlyCA,security,landscape,transformation,launch,examination,groundbreaking

Can Fastly’s New Certainly CA Transform the Security Landscape? New Title: Examining Fastly’s Groundbreaking Launch of Certainly CA

Nguyen Michael012 mins

Fastly Launches Certainly, a Publicly-Trusted TLS Certificate Authority Introduction Fastly, the edge cloud platform provider, made an announcement today regarding the general availability of Certainly, its publicly-trusted TLS Certificate Authority. This announcement follows its limited program release in February 2022. Certainly allows Fastly customers to use in-house issued digital certificates to secure websites and API…

Read More
Addressing RMM Software Risks: Analyzing CISA's Cyber Defense Planwordpress,RMMsoftware,risks,CISA,cyberdefenseplan,analysis

Addressing RMM Software Risks: Analyzing CISA’s Cyber Defense Plan

Nguyen Michael011 mins

CISA Releases Cyber Defense Plan to Reduce RMM Software Risks The Cybersecurity and Infrastructure Security Agency (CISA) has recently published a strategic plan aimed at helping critical infrastructure organizations mitigate the risks associated with the use of remote monitoring and management (RMM) software. The plan, developed by the Joint Cyber Defense Collaborative (JCDC), aligns with…

Read More
Unraveling the Weave: Safeguarding Your Identity Against Threatswordpress,cybersecurity,identitytheft,onlinesecurity,dataprotection,personalinformation,onlinethreats,privacy,internetsafety,digitalsecurity

Unraveling the Weave: Safeguarding Your Identity Against Threats

Reynolds Alex08 mins

Defending Against Credential Phishing: Protecting Your Business and Employees Introduction In today’s digital era, online security is of utmost importance for individuals and businesses alike. Cybercriminals are constantly devising new techniques to steal sensitive information and exploit vulnerabilities. One such prevalent threat is credential phishing, which aims to acquire login credentials, personal information, and access…

Read More
The Impact of CISA and NSA Guidance on Critical Infrastructure Securitywordpress,CISA,NSA,guidance,criticalinfrastructure,security,impact

The Impact of CISA and NSA Guidance on Critical Infrastructure Security

Patel Maya010 mins

The Importance of Cybersecurity in Protecting Critical Infrastructure The Need to Protect Critical Infrastructure The recent collaboration between the Cybersecurity Infrastructure Security Agency (CISA) and the National Security Agency (NSA) in producing the document “Identity and Access Management: Recommended Best Practices for Administrators” highlights the urgency to secure critical infrastructure from cyberattacks. Critical infrastructure and…

Read More
EvilProxy Cyberattack: When Executives Become Targets in the Microsoft 365 Floodwordpress,cyberattack,EvilProxy,executives,Microsoft365,flood

EvilProxy Cyberattack: When Executives Become Targets in the Microsoft 365 Flood

Emma Thompson08 mins

EvilProxy Phishing Campaign Targets Microsoft 365 Executives: An Alarming Rise in Account Takeovers Introduction A recent phishing campaign known as EvilProxy has targeted thousands of Microsoft 365 user accounts worldwide. Over a three-month period between March and June, attackers sent 120,000 phishing emails to more than 100 organizations across the globe, with the primary goal…

Read More
Identity Crisis: The Alarming Surge of Identity-Based Attackswordpress,cybersecurity,identitycrisis,identity-basedattacks,onlinesecurity,databreach,hacking,cyberthreats,internetprivacy,userauthentication

Identity Crisis: The Alarming Surge of Identity-Based Attacks

Nguyen Michael011 mins

Cybercrime Identity-Based Attacks Soared in Past Year: Report The Rise of Identity-Based Attacks According to CrowdStrike’s 2023 Threat Hunting Report, identity-based attacks have seen a significant increase over the past year. The report, based on data collected between July 1, 2022, and June 30, 2023, highlights several key findings in the realm of cybercrime. Notably,…

Read More
The Rise of UEFI Attacks: CISA Sounds the Alarm on Critical Vulnerabilitieswordpress,UEFIattacks,CISA,criticalvulnerabilities,cybersecurity

The Rise of UEFI Attacks: CISA Sounds the Alarm on Critical Vulnerabilities

Emma Thompson012 mins

Government CISA Calls Urgent Attention to UEFI Attack Surfaces The United States government’s cybersecurity agency, the Cybersecurity and Infrastructure Security Agency (CISA), has issued a warning about the vulnerabilities present in UEFI (Unified Extensible Firmware Interface) software. In a call-to-action written by CISA technical advisor Jonathan Spring and vulnerability management director Sandra Radesky, the agency…

Read More