Russian hackers target vulnerable webmail servers in Europe for espionage

A Russian advanced persistent threat (APT) actor has been using cross-site scripting (XSS) vulnerabilities in Roundcube webmail servers to target critical government infrastructure in Europe, according to research by Recorded Future. The threat group, known as Winter Vivern, was tracked as TAG-70 and was found conducting espionage campaigns targeting over 80 organizations, mainly …

Microsoft Outlook flaw opens door to 1-click remote code execution attacks

Microsoft released its batch of monthly security updates this month covering 73 vulnerabilities, including two zero-day flaws exploited in the wild. While organizations should prioritize all critical and high-risk issues, there is one critical vulnerability in Outlook that researchers claim could open the door to trivial attacks that result in remote code execution. Dubbed MonikerLink …

Lawmakers see power grid security risks from Chinese storage batteries

Concern over Chinese technology in US critical infrastructure has been rising for years, given that US dominance in industrial technology manufacturing has given way over the past several decades to cheaper and often better Chinese suppliers. From bulk power system components to port cranes to video surveillance equipment and more, Chinese-made gear and technology now …

Google launches a slew of AI initiatives to enhance cybersecurity

Tech giant Google launched the AI Cyber Defense Initiative to leverage Artificial Intelligence (AI) to boost cybersecurity and to reverse the “Defender’s Dilemma,” the company said in a blog post. A key initiative in this is the open-sourcing of Magika, an AI-powered tool for file type identification to detect malware. It is already being …

Visibility, alarm fatigue top remediation concerns in cloud security

Striking a balance between sufficient visibility into cloud computing environments and the potential for an overdose of false positives and duplicate alerts is the key challenge facing cloud security professionals, according to the State of Security Remediation report from the Cloud Security Alliance (CSA). The report, released today, detailed a raft of important issues facing …

Attack campaign targeting Azure environments compromised hundreds of accounts

Security researchers warn that an ongoing cloud account takeover campaign has impacted dozens of Microsoft Azure environments owned by organizations from around the world. The attackers have compromised hundreds of accounts since late November 2023, including managers and senior executives. “The varied selection of targeted roles indicates a practical strategy by threat actors, aiming to …

Surge in “hunter-killer” malware poses significant challenge to security teams

Threat actors have stepped up their efforts over the last year to launch attacks aimed at disabling enterprise defenses, according to the annual Red Report released Tuesday by Picus Security. The findings demonstrate a drastic shift in adversaries’ ability to identify and neutralize advanced enterprise defenses, such as next-generation firewalls, antivirus software, and EDR solutions, …

Software security debt piles up for organizations even as critical flaws drop

While the prevalence of high-severity security flaws in applications has dropped significantly in the last few years, a large number of organizations still have critical security debt, according to research by Veracode. The research is based on data collected from Veracode’s recent static application security testing (SAST), dynamic application security testing (DAST), and software …

Nation-state threat actors using LLMs to boost cyber operations

Nation-state groups Forest Blizzard, Emerald Sleet, Crimson Sandstorm, Charcoal Typhoon, and Salmon Typhoon are using large language models (LLMs) to improve and expand their criminal activities, according to findings from Microsoft Threat Intelligence Cyber Signals 2024, done in collaboration with OpenAI. The study did not identify significant attacks employing the LLMs that Microsoft and …

Hackers paralyze battery maker Varta in cyberattack

The Varta Group was the target of a cyberattack on parts of its IT systems on the night of Feb. 12, the battery manufacturer has announced. Five production plants and the company’s administration were affected. “The IT systems and thus also production were proactively shut down temporarily for security reasons and disconnected from the internet,” …

Will generative AI kill KYC authentication?

For decades, the financial sector and other industries have relied on an authentication mechanism dubbed “know your customer” (KYC), a process that confirms a person’s identity when opening an account and then periodically confirms that identity over time. KYC typically involves a potential customer providing a variety of documents to prove that they are who they claim …