Infosec products of the month: August 2023
Here’s a look at the most interesting products from the past month, featuring releases from: Action1, Adaptive Shield, Bitdefender, Bitwarden, Forescout, ImmuniWeb, Kingston …
Championing cybersecurity regulatory affairs with Nidhi Gani
Nidhi Gani is a seasoned regulatory affairs professional with over a decade of experience in cybersecurity, medical devices, and digital health. She’s worked with devices …
Week in review: 11 search engines for cybersecurity research, PoC for RCE in Juniper firewall released
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Adapting authentication to a cloud-centric landscape In this Help Net …
How Ducktail capitalizes on compromised business, ad accounts
Quite some money can be made from selling compromised business and ad accounts on social media platforms, and the Ducktail threat actor has specialized in just that. “We …
New infosec products of the week: September 1, 2023
Here’s a look at the most interesting products from the past week, featuring releases from Ciphertex Data Security, ComplyCube, Fortinet, and MixMode. Ciphertex strengthens …
Cybercriminals use research contests to create new attack methods
Adversary-sponsored research contests on cybercriminal forums focus on new methods of attack and evasion, according to Sophos. The contests mirror legitimate security …
Understand the fine print of your cyber insurance policies
A significant gap is emerging between insurance providers, as organizations skip the fine print and seek affordable and comprehensive coverage, potentially putting them in a …
Exploring the traits of effective chief audit executives
Chief audit executives (CAEs) have identified risk orientation, stakeholder management, and team leadership as the top three characteristics of the most effective individuals, …
Cisco VPNs with no MFA enabled hit by ransomware groups
Since March 2023 (and possibly even earlier), affiliates of the Akira and LockBit ransomware operators have been breaching organizations via Cisco ASA SSL VPN appliances. …
Apple offers security researchers specialized iPhones to tinker with
Apple is inviting security researchers to apply for its Security Research Device Program (SRDP) again, to discover vulnerabilities and earn bug bounties. Apple started the …
Trojanized Signal, Telegram apps found on Google Play, Samsung Galaxy Store
ESET researchers have identified two active campaigns targeting Android users, where the threat actors behind the tools for Telegram and Signal are attributed to the …
The power of passive OS fingerprinting for accurate IoT device identification
The number of IoT devices in enterprise networks and across the internet is projected to reach 29 billion by the year 2030. This exponential growth has inadvertently increased …