Manage the Cloud Permissions Gap to Achieve Zero Trust

The Cloud Permissions Gap exposes organizations to highly exploitable risk combined with the inability to implement and manage Zero Trust policies. By Raj Mallempati, CloudKnox Security COO. In 2020, when organizations were prioritizing digital transformation so they could pivot to remote work on an unprecedented scale, Gartner added a new category to its 2020 Hype …

Why XDR is Not Enough

By Guy Rosefelt, Security CMO, Sangfor Technologies. What is XDR? One of the latest trends in cybersecurity is Extended Detection and Response, more commonly known as XDR. Although originally defined by Palo Alto Networks as a key capability, other security vendors have released some type of XDR functionality and of course all define and approach …

The return of TA402 Molerats APT after a short pause

The TA402 APT group (aka Molerats and GazaHackerTeam) is back after two months of silence and is targeting governments in the Middle East. The TA402 APT group (aka Molerats and Gaza Cybergang) is back after two months of apparent inactivity; it is targeting government institutions in the Middle East and global government entities with interest in the …

‘Oddball’ Malware Blocks Access to Pirated Software

Rather than steal credentials or hold data for ransom, a recent campaign observed by Sophos prevents people from visiting sites that offer illegal downloads. The objective of most malware is some kind of gain — financial or otherwise — for the attackers who use it. However, researchers recently observed a unique malware with a single …

Microsoft's new security tool will discover firmware vulnerabilities, and more, in PCs and IoT devices

Devices have multiple OSs and firmware running, and most organisations don't know what they have or if it's secure. Microsoft will use ReFirm to make it easier to find out without being an expert. As operating systems become more secure, attackers are increasingly shifting their attention to firmware, which is less visible, more …

Eggfree Cake Box suffers data breach exposing credit card numbers

Eggfree Cake Box has disclosed a data breach after threat actors hacked their website to steal credit card numbers. Cake Box is a UK chain of stores selling fresh cream celebration cakes made without eggs. There are currently 164 Cake Box stores located throughout the United Kingdom. In emails sent to customers this week, Cake …

Oleg Koshkin was convicted for operating a crypting service also used by Kelihos botnet

Russian national Oleg Koshkin was convicted for operating a “crypting” service used to obfuscate the Kelihos bot from antivirus software. Russian national Oleg Koshkin was convicted for charges related to the operation of a malware crypting service used by the Kelihos botnet to obfuscate malware and evade detection. “According to court documents and evidence introduced …

Vigilante malware blocks victims from downloading pirated software

A vigilante developer turns the tables on software pirates by distributing malware that prevents them from accessing pirated software sites in the future. Threat actors commonly use pirated software and fake crack sites to distribute malware to unsuspecting users who think they are downloading the latest game or movie. Malware distributed via these methods is …

Molerats Hackers Return With New Attacks Targeting Middle Eastern Governments

A Middle Eastern advanced persistent threat (APT) group has resurfaced after a two-month hiatus to target government institutions in the Middle East and global government entities associated with geopolitics in the region in a rash of new campaigns observed earlier this month. Sunnyvale-based enterprise security firm Proofpoint attributed the activity to a politically motivated threat …

UNC2465 cybercrime group launched a supply chain attack on CCTV vendor

The UNC2465 cybercrime group, which is affiliated with the Darkside ransomware gang, has infected the website of a CCTV camera vendor with malware. An affiliate of the Darkside ransomware gang, tracked as UNC2465, has conducted a supply chain attack against a CCTV vendor, Mandiant researchers discovered. UNC2465 is considered one of the main affiliates of the …