How AI Is Enhancing Security in Ridesharing

Whether it's detecting fraudulent activity, preventing phishing, or protecting sensitive data, AI is transforming cybersecurity in ridesharing.

Ransomware Gangs Seek Pen Testers to Boost Quality

Qualified applicants must be able to test ransomware encryption and find bugs that might enable defenders to jailbreak the malware.

'Operation Undercut' Adds to Russia Malign Influence Campaigns

Just like Russia's Doppelgänger effort, the goal is to spread misinformation about Ukraine and Western efforts to help Ukraine in its war with Russia.

Sneaky Skimmer Malware Targets Magento Sites Ahead of Black Friday

A stealthy JavaScript injection attack steals data from the checkout page of sites, either by creating a fake credit card form or extracting data directly from payment fields.

Geico, Travelers Fined $11.3M for Lax Data Security

New York state regulators punish insurers after cybercriminals illegally access customer info they then used to file scam unemployment claims during the COVID-19 pandemic.

Salt Typhoon Builds Out Malware Arsenal With GhostSpider

The APT, aka Earth Estries, is one of China's most effective threat actors, performing espionage for sometimes years on end against telcos, ISPs, and governments before being detected.

OpenSea Phishers Aim to Drain Crypto Wallets of NFT Enthusiasts

Cyberattackers have been targeting the online NFT marketplace with emails claiming to make an offer to a targeted user; in reality, clicking on a malicious link takes victims to a crypto-draining site.

BlackBasta Ransomware Brand Picks Up Where Conti Left Off

New analysis says law enforcement efforts against Russian-language ransomware-as-a-service (RaaS) infrastructure helped consolidate influence behind BlackBasta, but some experts aren't so sure the brand means that much.

Phishing Prevention Framework Reduces Incidents by Half

The anti-fraud plan calls for companies to create a pipeline for compiling attack information, along with formal processes to disseminate that intelligence across business groups.

Fancy Bear 'Nearest Neighbor' Attack Uses Nearby Wi-Fi Network

In a "new class of attack," the Russian APT breached a target in Washington, DC, by credential-stuffing wireless networks in close proximity to it and daisy-chaining a vector together in a resourceful and creative way, according to researchers.

Closing the Cybersecurity Career Diversity Gap

Diversity isn't just an issue of fairness — it's about operational excellence and ensuring we have the best possible teams defending our national security.

Faux ChatGPT, Claude API Packages Deliver JarkaStealer

Attackers are betting that the hype around generative AI (GenAI) is attracting less technical, less cautious developers who might be more inclined to download an open source Python code package for free access, without vetting it or thinking twice.

Yakuza Victim Data Leaked in Japanese Agency Attack

A local government resource for helping Japanese citizens cut ties with organized crime was successfully phished in a tech support scam, and could have dangerous consequences.

What Talent Gap? Hiring Practices Are the Real Problem

While the need for cybersecurity talent still exists, the budget may not. Here's how to maximize security staff despite hiring freezes.

Going Beyond Secure by Demand

Secure by Demand offers a starting point for third-party risk management teams, but they need to take the essential step of using a mature software supply chain security solution to ensure they're not blindly trusting a provider's software.

How a Mental Health Nonprofit Secures Endpoints for Compassionate Care

Consolidating endpoint management boosts cybersecurity while keeping an Oklahoma-based nonprofit focused on community mental health.

Cloud Security Startup Wiz to Acquire Dazz in Risk Management Play

Dazz's remediation engine will boost risk management in Wiz's cloud security portfolio.

Chinese APT Gelsemium Deploys 'Wolfsbane' Linux Variant

In a sign of the times, a backdoor malware whose ancestors date back to 2005 has morphed to target Linux systems.

Scattered Spider Cybercrime Members Face Prison Time

Four of the arrested individuals of the cybercriminal gang, known for hacking MGM and Caesars, are American, all of whom could face up to 27 years in prison for the charges against them.

How Can PR Protect Companies During a Cyberattack?

When a cybersecurity incident occurs, it's not just IT systems and data that are at risk — a company's reputation is on the line, too.

It's Near-Unanimous: AI, ML Make the SOC Better

Efficiency is the name of the game for the security operations center — and 91% of cybersecurity pros say AI and ML are winning that game.

China's 'Liminal Panda' APT Attacks Telcos, Steals Phone Data

In US Senate testimony, a CrowdStrike exec explained how this advanced persistent threat penetrated telcos in Asia and Africa, gathering SMS messages, unique identifiers, and other metadata along the way.

Alleged Ford 'Breach' Encompasses Auto Dealer Info

Cybersecurity investigators found the leaked data to be information from a third party, not Ford itself, that is already accessible to the public and not sensitive in nature.

SWEEPS Educational Initiative Offers Application Security Training

The secure coding curriculum was developed by University of California, Davis; University of Maryland Baltimore County; Worcester Polytechnic Institute; California Polytechnic State University-San Luis Obispo; Cosumnes River College; DARK Enterprises; and StrongAuth.

Linux Variant of Helldown Ransomware Targets VMware ESxi Systems

Since surfacing in August, the likely LockBit variant has claimed more than two dozen victims and appears poised to strike many more.

Russian Ransomware Gangs on the Hunt for Pen Testers

In further proof of the professionalization of Russian cybercriminal groups, ransomware gangs have been posting job ads for security positions such as pen testers, looking to boost their ransomware deployment operations.

'Phobos' Ransomware Cybercriminal Extradited From South Korea

According to the unsealed criminal charges, the operation is believed to have running for nearly four years.

Jen Easterly, CISA Director, to Step Down on Inauguration Day

Other Biden administration appointees at CISA will also submit their resignations on Jan. 20, as the cyberdefense agency prepares for President-elect Trump's new DHS director.

Akira Ransomware Racks Up 30+ Victims in a Single Day

Of the numerous victims, at least three refused to pay the demanded ransom, with the rest seemingly in talks with the cybercriminal group.

Palo Alto Networks Patches Critical Zero-Day Firewall Bug

The security vendor's Expedition firewall appliance's PAN-OS interface tool has racked up four critical security vulnerabilities under active attack in November, leading tit to advise customers to update immediately or and take them off the Internet.

Why the Demand for Cybersecurity Innovation Is Surging

Companies that recognize current market opportunities — from the need to safely implement revolutionary technology like AI to the vast proliferation of cyber threats — have remarkable growth prospects.

DHS Releases Secure AI Framework for Critical Infrastructure

The voluntary recommendations from the Department of Homeland Security cover how artificial intelligence should be used in the power grid, water system, air travel network, healthcare, and other pieces of critical infrastructure.

Microsoft Pulls Exchange Patches Amid Mail Flow Issues

Email at many organizations has stopped working; the tech giant has advised users who are facing the issue to uninstall the updates so that it can address flaw.

ChatGPT Exposes Its Instructions, Knowledge & OS Files

According to Mozilla, users have a lot more power to manipulate ChatGPT than they might realize. OpenAI hopes those manipulations remain within a clearly delineated sandbox.

Varonis Warns of Bug Discovered in PostgreSQL PL/Perl

Several versions of PostgreSQL are impacted, and customers will need to upgrade in order to patch.

The Vendor's Role in Combating Alert Fatigue

As alerts pile up, the complexity can overwhelm security professionals, allowing real threats to be missed. This is where vendors must step up.

Cloud Ransomware Flexes Fresh Scripts Against Web Apps

Cloud service providers are getting better at protecting data, pushing adversaries to develop new cloud ransomware scripts to target PHP applications, a new report says.

20% of Industrial Manufacturers are Using Network Security As a First Line of Defense

5 Ways to Save Your Organization From Cloud Security Threats

The shift to cloud means securing your organization's digital assets requires a proactive, multi-layered approach

Iranian Cybercriminals Target Aerospace Workers via LinkedIn

The group seeks out aerospace professionals by impersonating job recruiters — a demographic it has targeted in the past as well — then deploys the SlugResin backdoor malware.

Google AI Platform Bugs Leak Proprietary Enterprise LLMs

The tech giant fixed privilege-escalation and model-exfiltration vulnerabilities in Vertex AI that could have allowed attackers to steal or poison custom-built AI models.

Amazon Employee Data Compromised in MOVEit Breach

The data leak was not actually due to a breach in Amazon's systems but rather that of a third-party vendor; the supply chain incident affected several other clients as well.

CrowdStrike Spends to Boost Identity Threat Detection

Adaptive Shield is the third security posture management provider the company has acquired in the last 14 months as identity-based attacks continue to rise.

'GoIssue' Cybercrime Tool Targets GitHub Developers En Masse

Marketed on a cybercriminal forum, the $700 tool harvests email addresses from public GitHub profiles, priming cyberattackers for further credential theft, malware delivery, OAuth subversion, supply chain attacks, and other corporate breaches.

Citrix Issues Patches for Zero-Day Recording Manager Bugs

There is some disagreement over whether the remote code execution (RCE) security flaws allow for unauthenticated exploitation or not. Citrix says no, but researchers say the company is downplaying a "good old unauthenticated RCE."

Halliburton Remains Optimistic Amid $35M Data Breach Losses

Though its third-quarter earnings report confirms that the company remains on track, it's unclear how that will be affected if the threat actors commit further damage.

Revamped Remcos RAT Deployed Against Microsoft Windows Users

Windows users are at risk for full device takeover by an emerging malicious version of the Remcos remote admin tool, which is being used in an ongoing campaign exploiting a known remote code execution (RCE) vulnerability in Microsoft Office and WordPad.

Flexible Structure of Zip Archives Exploited to Hide Malware Undetected

Attackers abuse concatenation, a method that involves appending multiple zip archives into a single file, to deliver a variant of the SmokeLoader Trojan hidden in malicious attachments delivered via phishing

Facebook Asks Supreme Court to Dismiss Cambridge Analytica Lawsuit

Meta has maintained that Facebook did not mislead investors by not including mention of the Cambridge Analytica scandal in its forward-looking risk disclosures, but the plaintiffs say it was a glaring omission.

Open Source Security Incidents Aren't Going Away

Companies and organizations need to recognize the importance of investing in engineers who possess both the soft and hard skills required to secure open source software effectively.

AI & LLMs Show Promise in Squashing Software Bugs

Large language models (LLMs) can help app security firms find and fix software vulnerabilities. Malicious actors are on to them too, but here's why defenders may retain the edge.

Mystery Hackers Target Texas Oilfield Supplier in Ransomware Attack

It remains unclear how the attackers gained access to Newpark Resources' system, or what they plan to do with any stolen data the strike may have spewed out.

Preparing for DORA Amid Technical Controls Ambiguity

The European Union's Digital Operational Resilience Act requires financial entities to focus on third-party risk, resilience, and testing.

Has the Cybersecurity Workforce Peaked?

While training and credentialing organizations continue to talk about a "gap" in skilled cybersecurity workers, demand — especially for entry-level workers — has plateaued, spurring criticism of the latest rosy stats that seem to support a hot market for qualified cyber pros.

Gootloader Cyberattackers Target Bengal-Cat Aficionados in Oz

It's unclear what the threat actors have against this particular breed of cat, but it's taking down the kitty's enthusiasts with SEO-poisoned links and malware payloads.

Canada Closes TikTok Offices, Citing National Security

Questions remain over what a corporate ban will achieve, since Canadians will still be able to use the app.

Cisco Bug Could Lead to Command Injection Attacks

Though Cisco reports of no known malicious exploitation attempts, three of its wireless access points are vulnerable to these attacks.

'SteelFox' Malware Blitz Infects 11K Victims With Bundle of Pain

The malware combines a miner and data stealer, and it packs functions that make detection and mitigation a challenge.

German Law Could Protect Researchers Reporting Vulns

The draft amendment also includes prison time for those who access systems to maliciously spy or intercept data.

International Police Effort Obliterates Cybercrime Network

Interpol disrupts 22,000 malicious IP addresses, 59 servers, 43 electronic devices, and arrests 41 suspected cybercriminals.

Nokia: No Evidence So Far That Hackers Breached Company Data

The mobile device maker continues to investigate IntelBroker's claims of another high-profile data breach, with the cybercriminal group posting on BreachForums internal data allegedly stolen from Nokia through a third-party contractor.

Attacker Hides Malicious Activity in Emulated Linux Environment

The CRON#TRAP campaign involves a novel technique for executing malicious commands on a compromised system.

Schneider Electric Clawed by 'Hellcat' Ransomware Gang

The cybercriminal group holding the stolen information is demanding the vendor admit to the breach and pay up.

Okta Fixes Auth Bypass Bug After 3-Month Lull

The bug affected accounts with 52-character user names, and had several pre-conditions that needed to be met in order to be exploited.

OWASP Beefs Up GenAI Security Guidance Amid Growing Deepfakes

As businesses worry over deepfake scams and other AI attacks, organizations are adding guidance for cybersecurity teams on how to detect, and respond to, next-generation threats. That includes Exabeam, which was recently targeted by a deepfaked job candidate.

Name That Edge Toon: Aerialist's Choice

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

Can Automatic Updates for Critical Infrastructure Be Trusted?

The true measure of our cybersecurity prowess lies in our capacity to endure.

OWASP Releases AI Security Guidance

OWASP released guidance materials addressing how to respond to deepfakes, AI security best practices, and how to secure open source and commercial generative AI applications.

4 Main API Security Risks Organizations Need to Address

Misconfigurations, weak authentication and logic flaws are among the main drivers of API security risks at many organizations.

Privacy Anxiety Pushes Microsoft Recall AI Release Again

The Recall AI tool will be available to Copilot+ PC subscribers in December, and can be used to record images of every interaction on the device for review later. Critics say this introduces major privacy and security concerns along with useful functionality.

Chinese APTs Cash In on Years of Edge Device Attacks

The sophisticated Chinese cyberattacks of today rest on important groundwork laid during the pandemic and before.

Critical Auth Bugs Expose Smart Factory Gear to Cyberattack

Factory automation software from Mitsubishi Electric and Rockwell Automation could be subject to remote code execution (RCE), denial-of-service (DoS), and more.

IT Security Centralization Makes the Use of Industrial Spies More Profitable

As organizations centralize IT security, the risk of espionage is silently becoming a more profitable threat.

The Overlooked Importance of Identifying Riskiest Users

"See one, teach one, do one" takes a page out of the healthcare playbook to reduce human vulnerabilities where they matter most in cybersecurity.