Search results for: software

Week in review: 5 free CISA resources, surviving a DDoS attack, Google to make Cobalt Strike useless

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Google seeks to make Cobalt Strike useless to attackers: Google Cloud’s intelligence research and applications team has created and released a collection of 165 YARA rules to help defenders flag Cobalt Strike components deployed by attackers. Fake subscription invoices lead to corporate data theft and extortion: A threat actor dubbed Luna Moth has been leveraging social engineering and legitimate software … More

Fake subscription invoices lead to corporate data theft and extortion

A threat actor dubbed Luna Moth has been leveraging social engineering and legitimate software to steal sensitive data and extort money from small and medium-size businesses. The group is eschewing the use of ransomware and instead relies on targeted employees calling a phone number manned by the attackers, who then convince them to install a remote access tool. “Callback phishing, also referred to as telephone-oriented attack delivery (TOAD), is a social engineering attack that requires a … More

Hornetsecurity expands APAC and EMEA growth through new distribution agreements

Hornetsecurity announced a major push into several different regions across the world, with the signing of new distributors and partnerships. This further expands Hornetsecurity’s established presence in Europe, the US and LATAM. In the Philippines and Saudi Arabia, the signing of distributors WSI and S2 will see Hornetsecurity’s capabilities support even more businesses in limiting cybersecurity issues. EMT have been appointed as distributors of Hornetsecurity solutions in the Middle East. In Eastern Europe, software distributors … More

Out of the blue: Surviving an 18-hour, 39M-request DDoS attack

No online business can afford to neglect malicious bot threats. Attackers and fraudsters increasingly leverage bots to automate and coordinate attacks, driving IT teams and ill-equipped security tools to their limits. Only a full-endpoint, 360° bot protection solution that leverages aggregate global detection signals can save you from unexpected threats. Case in point: A large e-commerce website protected by DataDome’s bot and online fraud management solution recently remained blissfully unaffected throughout a high-volume, highly distributed … More

Google seeks to make Cobalt Strike useless to attackers

Google Cloud’s intelligence research and applications team has created and released a collection of 165 YARA rules to help defenders flag Cobalt Strike components deployed by attackers. “Our intention is to move the tool back to the domain of legitimate red teams and make it harder for bad guys to abuse,” says Greg Sinclair, a security engineer with Google Cloud Threat Intelligence. The problem with Cobalt Strike: Cobalt Strike, a legitimate adversary simulation tool used … More

Future-proofing asset and vulnerability intelligence in response to CISA’s BOD 23-01

Modern environments have become more dynamic and the need for equally progressive asset discovery techniques has intensified. The new Cybersecurity and Infrastructure Security Agency (CISA) Binding Operational Directive (BOD) 23-01 recognizes this fact. What is BOD 23-01? While it is only binding for US federal civilian agencies, the directive emphasizes the foundational asset discovery and intelligence capabilities all organizations must possess to be prepared for modern threats. Without the critical insight these capabilities provide, the … More

5 free resources from the Cybersecurity and Infrastructure Security Agency (CISA)

The Cybersecurity and Infrastructure Security Agency (CISA) is an agency of the United States Department of Homeland Security. CISA is in charge of enhancing cybersecurity and infrastructure protection at all levels of government, coordinating cybersecurity initiatives with U.S. states, and enhancing defenses against cyberattacks. To assist businesses in enhancing their security capabilities, CISA offers free cybersecurity products and services. Cyber Hygiene Vulnerability Scanning: You can register for this service by emailing vulnerability@cisa.dhs.gov. Scanning will start … More

The pros and cons of using open-source Kubernetes security software

Open source tools are a key part of the Kubernetes security environment, with most companies using open source Kubernetes security software, research by ARMO has revealed. In a survey of The State of Kubernetes Open Source Security, 55% of respondents said they used at least some open source tools to keep their Kubernetes clusters safe; this includes those who use purely open source and those who mix open source and proprietary solutions. The research revealed it … More

Week in review: 5 Kali Linux tools, Spotify’s Backstage vulnerability, Cybertech NYC 2022

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: As trust in online spaces degrades, Canada bolsters resilience against cyber attacks: In this Help Net Security interview, Sami Khoury, Head of the Canadian Centre for Cyber Security, talks about how Canada is addressing today’s top threats, touches upon his long career and offers tips for those new to the industry. Russian hacktivists hit Ukrainian orgs with ransomware – but … More

Data Theorem collaborates with AppOmni to strengthen application security posture management for enterprises

Data Theorem partners with AppOmni to enable organizations to better secure first-party and third-party apps and APIs. As a result, organizations which build their own applications, leverage third-party SaaS applications, and utilize first- and third-party APIs within their applications will now have a coordinated application security posture management (ASPM) offering. AppOmni delivers centralized visibility, unmatched data access management, and security controls that integrate seamlessly into any SaaS environment. It protects more than 78 million users … More

PCI SSC publishes new standard for mobile payment acceptance solutions

The PCI Security Standards Council (PCI SSC) published a new standard designed to support the evolution of mobile payment acceptance solutions. PCI Mobile Payments on COTS (MPoC) builds on the existing PCI Software-based PIN Entry on COTS (SPoC) and PCI Contactless Payments on COTS (CPoC) Standards, which individually address security requirements for solutions that enable merchants to accept cardholder PINs or contactless payments using a smartphone or other commercial off-the-shelf (COTS) mobile device. The PCI … More

LOKKER Privacy Edge PRO helps companies identify and mitigate privacy risks

LOKKER launches LOKKER Privacy Edge PRO, a cloud-based software solution that automates the rapid analysis of thousands of websites; identifies specific trackers, pixels and cookies; and alerts website owners when their customers’ personal information is at risk. The offering is designed for privacy attorneys, eDiscovery firms, and cyber insurers to use across their client portfolios. A spate of recent class action lawsuits and state Attorneys General actions have alerted businesses that they are responsible for … More