September 12, 2024 at 07:18AM In its Q2 2024 SASE Threat Report, Cato CTRL revealed critical insights from analyzing 1.38 trillion network flows. Notable findings include the identification of IntelBroker as a major threat actor, 66% of brand spoofing targeting Amazon, and the continued exploitation of Log4j and Oracle WebLogic vulnerabilities. Security recommendations from the … Read more
August 14, 2024 at 08:39AM Traditional password security measures are no longer enough to protect organizations from cyber threats. Prioritize securing the Active Directory and consider integrating External Attack Surface Management (EASM) to enhance password security. EASM helps detect vulnerabilities, monitor for leaked credentials, provide real-time alerts, and offer actionable recommendations to strengthen cybersecurity defenses. … Read more
July 30, 2024 at 04:56PM New research shows that cybercriminals are now selling Generative AI (GenAI) account credentials alongside other illegal goods on underground hacker markets. The credentials are for platforms like ChatGPT, Quillbot, and Huggingface, with roughly 400 accounts stolen per day and sold for $15 each. The researchers advise organizations to monitor employee … Read more
April 17, 2024 at 10:25AM The term “dark web” refers to websites ending in .onion accessed through a special browser, Tor. Monitoring such sites can provide value in identifying leaked credentials, understanding cybercrime, and stopping attacks. Flare’s TEM solution scans the dark web and illicit Telegram channels to identify and prioritize risks, replacing multiple tools. … Read more
February 20, 2024 at 11:49AM Researchers uncovered voter data sale following a breach against Iraq’s Independent High Electoral Commission. The 21.58 GB database contains Iraqi voter info and a custom software client. Election cyber threats surged to 26% in 2022, jeopardizing democratic processes worldwide. Resecurity confirmed the leak and highlighted election threats from various actors … Read more
November 20, 2023 at 03:50PM Progress Software’s MOVEit file transfer application has been exploited by the Russian ransomware group Clop, impacting 2,620 organizations and over 77 million individuals. Avast, the antivirus company, is among the victims, with 3 million customers’ information reportedly leaked on a hacking forum. Welltok, a patient communication services provider, has also … Read more
November 9, 2023 at 05:10PM Kyocera AVX Components Corporation (KAVX), an American manufacturer of electronic components, experienced a data breach exposing personal information of 39,111 individuals following a ransomware attack. The breach occurred between February 16 and March 30, 2023. The hackers responsible, the LockBit ransomware gang, leaked stolen data that includes full names and … Read more