Why We Need Security Knowledge and Not Just Threat Intel
For organizations struggling to defend against today's onslaught of cyberattacks, data can be both a blessing and a curse. Companies rely on data they get from outside sources, such...
Wormable Panchan Peer-to-Peer Botnet Harvests Linux Server Keys
A peer-to-peer (P2P) botnet and worm called Panchan has been actively breaching Linux servers and harvesting Secure Shell (SSH) keys to perform lateral movement — at times brute-forcing credentials.
That's according...
Thousands Arrested in Global Raids on Social-Engineering Scammers
Interpol has announced that a coordinated, global law-enforcement effort has led to the arrest of 2,000 individuals and the seizure of more than $50 million in illicit funds stolen...
For one software maker, an SBOM adds value to the product
Security has long been top of mind for Wes Wells and his team.Wells is chief product officer for Instant Connect Software, which makes communications software that enables push-to-talk voice...
Chinese Threat Actor Employs Fake Removable Devices as Lures in Cyber-Espionage Campaign
One of the primary hallmarks of an advanced persistent threat (APT) group is its ability to operate undetected for years while carrying out its specific mission.
The newest example is...
Microsoft Patches ‘Follina’ Zero-Day Flaw in Monthly Security Update
Microsoft today issued a patch for the recently disclosed and widely exploited "Follina" zero-day vulnerability in the Microsoft Support Diagnostic Tool (MSDT) as part of its scheduled security update...
In Case You Missed RSA Conference 2022: A News Digest
RSA Conference 2022 - If you didn't make the trip to San Francisco last week for the RSA Conference or were too busy watching the Golden State Warriors battle...
Illicit crypto usage as a percent of total usage has fallen: Report
Illicit cryptocurrency activity in 2021 and the first quarter of 2022 has declined as a percentage of overall crypto activity, according to blockchain forensics firm CipherTrace.The cryptocurrency industry has...
Exposed Travis CI API Leaves All Free-Tier Users Open to Attack
A security flaw in the Travis CI API has left tens of thousands of developers' user tokens and other sensitive information exposed to attack, as threat actors could use...
Symbiote Malware Poses Stealthy, Linux-Based Threat to Financial Industry
A stealthy Linux threat called Symbiote is targeting financial institutions in Latin America, with all file, processes, and network artifacts hidden by the malware, making it virtually invisible to...
