
What Impact Will AI Have on Cybersecurity Risk Management?

In the third part of this four-part video series, Decipher editor Lindsey O’Donnell-Welch talks to Merritt Baer, CISO at Reco, Neda Pitt, CISO at Belk, and Danielle Snyder, cyber and compliance lead at Raytheon, about how they’re seeing security teams leverage machine learning, what generative AI innovations mean for risk management and more. Go to … Read more

News alert: Aembit raises $25M Series A funding for non-human Identity and Access Management

Silver Spring, MD, Sept. 12, 2024, CyberNewsWire –– Aembit, the leading non-human identity and access management (IAM) company, has secured $25 million in Series A funding, bringing its total capital raised to nearly $45 million. Acrew Capital led the round, with participation from existing investors Ballistic Ventures, Ten Eleven Ventures, Okta Ventures, and CrowdStrike Falcon Fund. Aembit’s … Read more

Mastercard to Acquire Threat Intel Firm Recorded Future for $2.65 Billion

In a strategic move to bolster its cybersecurity capabilities, Mastercard has announced an agreement to acquire Recorded Future, a leading global threat intelligence company, for $2.65 billion. This acquisition, from Insight Partners, aims to enhance Mastercard’s existing suite of services focused on cyber resilience and trust within the digital economy. Recorded Future, renowned as the … Read more

Critical Vulnerabilities in JPEG 2000 Library Let Attackers Execute Remote Code

Exploiting memory corruption vulnerabilities in server-side software often requires knowledge of the binary and environment, which limits the attack surface, especially for unknown binaries and load-balanced environments.  Successful exploitation is challenging due to the difficulty of preparing the heap and deploying ROP chains without this information.  Researchers discovered vulnerabilities in the Kakadu JPEG 2000 library, … Read more

Hackers Exploiting Progress WhatsUp RCE Vulnerability In The Wild

RCE attacks on WhatsUp Gold exploited the Active Monitor PowerShell Script to execute malicious code, as the vulnerabilities CVE-2024-6670 and CVE-2024-6671, patched on August 16, were leveraged to execute remote access tools and gain persistence. Despite the availability of patches, many organizations were slow to apply them, leading to widespread attacks. The attackers abused NmPoller.exe … Read more

New Loki Backdoor Attacking macOS Systems

Cody Thomas developed Apfell, an open-source macOS post-exploitation framework, in 2018, and it evolved into Mythic, a cross-platform framework that addresses the limitations of existing tools. Mythic provides a unified interface for managing agents written in various languages for different platforms, which allows for flexibility and customization, enabling the creation of agents with specific functionalities. Currently, … Read more

CosmicBeetle Exploiting Old Vulnerabilities To Attack SMBs All Over The World

CosmicBeetle, a threat actor specializing in ransomware, has recently replaced its old ransomware, Scarab, with ScRansom, a custom-built ransomware that continues to evolve.  The threat actor has been actively targeting SMBs worldwide, exploiting vulnerabilities to gain access to their systems and experimenting with the leaked LockBit builder, attempting to leverage its reputation by impersonating the … Read more

Threat Actors Using New Malware Toolkit That Involves IIS Backdoor, DNS Tunneling

The Iranian threat actor APT34, also known as GreenBug, has recently launched a new campaign targeting Iraqi government entities by employing a custom toolset, including a novel IIS backdoor and DNS tunneling protocol.  The malware used in this campaign shares similarities with previously reported APT34 malware families, such as Karkoff, Saitama, and IIS Group 2.  … Read more

New Developer-As-A-Service In Hacking Forums Empowering Phishing And Cyberattacks

SCATTERED SPIDER, a ransomware group, leverages cloud infrastructure and social engineering to target insurance and financial institutions by using stolen credentials, SIM swaps, and cloud-native tools to gain and maintain access, impersonating employees to deceive victims.  Their partnership with BlackCat has enhanced their ability to target Western organizations due to their understanding of Western business … Read more

Hackers Mimic Google, Microsoft & Amazon Domains for Phishing Attacks

Phishing remains a significant concern for both individuals and organizations. Recent findings from ThreatLabz have highlighted the alarming prevalence of phishing attacks targeting major brands, with Google, Microsoft, and Amazon emerging as the top three most impersonated companies. This article explores the intricacies of these phishing tactics, the role of certificate authorities and domain registrars, … Read more

News alert: Criminal IP partners with IPLocation.io to deliver new tech to mitigate IP address evasion

Torrance, Calif., Sept. 11, 2024, CyberNewsWire — Criminal IP, a distinguished leader in Cyber Threat Intelligence (CTI) search engine developed by AI SPERA, announced that it has successfully integrated its IP address-related risk detection data with IPLocation.io, one of the most visited IP analysis and lookup tools on the internet. Through the integration, IPLocation.io, a … Read more

News alert: Opus Security’s new ‘Advanced Multi-Layered Prioritization Engine’ elevates VM

Palo Alto, Calif., Sept. 11, 2024, CyberNewsWire — Opus Security, the leader in unified cloud-native remediation, today announced the launch of its Advanced Multi-Layered Prioritization Engine, designed to revolutionize how organizations manage, prioritize and remediate security vulnerabilities. Leveraging AI-driven intelligence, deep contextual data and automated decision-making capabilities, this innovative engine helps organizations prioritize the most critical … Read more