US, Allies Release Guidance on Event Logging and Threat Detection

August 23, 2024 at 08:03AM The US and its allies released a joint guidance document, “Best Practices for Event Logging and Threat Detection,” focusing on defining a baseline for event logging in organizations. The guidance emphasizes the importance of security best practices, sharing responsibilities, capturing high-quality cyber security events, and structured log formats to support …

Fighting Back Against Multi-Staged Ransomware Attacks Crippling Businesses

August 6, 2024 at 09:42AM Ransomware attacks have evolved from hitting indiscriminate victims to targeted, multi-staged attacks. Attackers infiltrate organizations, eavesdrop on emails, and exfiltrate critical data before encrypting computers and demanding a ransom. This modern method renders traditional recovery systems useless. Ransomware has become organized, with syndicates offering ransomware-as-a-service and state-sponsored attackers joining in. Organizations …

‘Phantom’ Source Code Secrets Haunt Major Organizations

June 27, 2024 at 05:52AM Aqua Security’s research reveals a significant number of “phantom” secrets persist within Git-based Source Code Management systems, posing security risks for top organizations. These include leaked secrets granting access to cloud environments, internal infrastructure, API tokens, and network devices of major companies. Aqua emphasizes the challenges in accurately detecting and …

Why SaaS Security is Suddenly Hot: Racing to Defend and Comply

June 13, 2024 at 07:48AM Financial cyber-attacks prompt tighter compliance regulations in the financial sector, with other industries expected to follow. Many companies lack efficient methods for managing SaaS security and compliance tasks. Free SaaS risk assessment tools offer incremental upgrades to help meet budget and security needs. Understanding financial sector cyber compliance is key …

Developing a Plan to Respond to Critical CVEs in Open Source Software

June 7, 2024 at 10:09AM The tech industry faced wake-up calls in 2020 and 2021 with incidents like SolarWinds, Log4j, and Kaseya’s VSA, emphasizing the critical need to refine response strategies to vulnerabilities and supply chain attacks. Both large and small organizations must prioritize comprehensive asset inventories and software bills of materials to effectively respond …

Chinese APT Hacks 48 Government Organizations

March 19, 2024 at 09:57AM A hacking group, Earth Krahang, believed to be linked to the Chinese company I-Soon, has compromised numerous foreign government entities. The group is accused of conducting cyberespionage and targeting over 70 organizations across 23 countries, primarily in Asia and America. They have used various tactics, including spear-phishing emails and deploying …

Fast-Growing RA Ransomware Group Goes Global

March 5, 2024 at 01:10PM The RA World ransomware group, formed in April, has significantly expanded its attack scope. Targeting global organizations, the group recently launched sophisticated cyberattacks, notably in Latin America’s healthcare sector. With a focus on the US and adoption of double-extortion tactics, it poses a major threat, emphasizing the need for robust …

Apache ERP Zero-Day Underscores Dangers of Incomplete Patches

January 4, 2024 at 04:08PM An unknown group has targeted a zero-day vulnerability in Apache’s OFBiz enterprise resource planning framework, allowing attackers to access sensitive information and remotely execute code. The incident underscores the importance of thorough patch analysis, as attackers often find ways to bypass software fixes. Similar patch failures have been seen with …

Ransomware Attackers Abuse Multiple Windows CLFS Driver Zero-Days

December 22, 2023 at 03:14PM Attackers have exploited five vulnerabilities, including four zero-days, in a sensitive Windows kernel-level driver, exposing a systemic issue in Windows CLFS. The high-performance logging system, favored by hackers for low-level system privileges, suffers from design flaws, leading to a series of easily exploited bugs. Without redesign, it poses ongoing security …

New AI Safety Initiative Aims to Set Responsible Standards for Artificial Intelligence

December 13, 2023 at 01:30PM Major AI software vendors have joined the Cloud Security Alliance’s AI Safety Initiative to develop trusted best practices for generative-AI technology. Participants include heavyweights Microsoft, Amazon, Google, OpenAI, and Anthropic. The initiative aims to create security best practices for AI deployment and facilitate responsible adoption. Cybersecurity executive Caleb Sima chairs …