The New 80/20 Rule for SecOps: Customize Where it Matters, Automate the Rest

November 10, 2023 at 04:03AM Automated security tools are becoming increasingly important for SOC teams, as they help cover the 80% of common threats across organizations. However, customization is still necessary for the remaining 20% of unique use cases. Automation can improve data ingestion, detection, investigation, and response, but customization allows organizations to address their …

Stealthy Kamran Spyware Targeting Urdu-speaking Users in Gilgit-Baltistan

November 10, 2023 at 12:45AM A watering hole attack has targeted Urdu-speaking readers in the Gilgit-Baltistan region via the Hunza News website. The attack delivers a new spyware called Kamran, which is disguised as an Android app. The malware collects sensitive information from infected devices and uploads it to a command-and-control server. Kamran lacks remote …

Zero Day Threat Protection for Your Network

November 6, 2023 at 03:28AM Zero day threats are security vulnerabilities that have been detected in a system or device but have not yet been patched by the vendor community. These threats can be targeted towards specific companies or applications and can cause significant damage, including financial losses. Relying solely on vendors to address these …

‘Prolific Puma’ Hacker Gives Cybercriminals Access to .us Domains

October 31, 2023 at 02:03PM A cyber threat actor known as “Prolific Puma” is using a link-shortening service to provide cybercriminals with .us domains, making their phishing campaigns harder to detect. Prolific Puma has generated over 75,000 unique domains in the past 18 months, evading regulations and providing criminals with shortened links that fit in …

‘Elektra-Leak’ Attackers Harvest AWS Cloud Keys in GitHub Campaign

October 31, 2023 at 10:57AM Attackers are actively targeting exposed Amazon Web Services (AWS) IAM credentials in public GitHub repositories to create instances for cryptocurrency mining. Palo Alto Networks observed the attacker creating 474 compute-optimized EC2 instances between August 30 and October 6. The attackers are able to launch attacks within minutes of credentials being …

Trojanized PyCharm Software Version Delivered via Google Search Ads

October 31, 2023 at 07:06AM A malvertising campaign has been discovered that exploits a compromised website to promote fake versions of PyCharm on Google search results. Users who clicked on the ad were directed to a hacked webpage that installed multiple pieces of malware. The campaign takes advantage of Dynamic Search Ads offered by Google, allowing threat …

UAE Bolsters Cyber Future With US Treasury Partnership, Collaborations

October 30, 2023 at 02:02PM The United Arab Emirates’ Cybersecurity Council has signed partnerships with other nations, including the US, Morocco, and Chad, to strengthen its threat intelligence sharing capabilities. These agreements aim to improve cybersecurity within the UAE, with a focus on the financial services industry and joint planning and response to cyberattacks. The …

Microsoft unveils shady shenanigans of Octo Tempest and their cyber-trickery toolkit

October 27, 2023 at 09:15AM Microsoft has released a report on Octo Tempest, a dangerous financial criminal group. The group, which primarily targets English-speaking organizations, is skilled in SMS phishing, SIM swapping, and advanced social engineering. Originally focused on data extortion, Octo Tempest has now expanded to full-scale ransomware attacks. The group uses various tactics, …

Lumen Q3 DDoS Report: Banking Was the Most Targeted Industry for the First Time

October 26, 2023 at 06:18PM New data from Lumen Technologies reveals that the banking industry was the most targeted vertical for Distributed Denial of Service (DDoS) attacks in Q3 2023. A single banking customer experienced over 230 DDoS attacks in a single day, but Lumen’s multi-layered DDoS mitigation approach prevented any downtime. The report also …

Key Learnings from “Big Game” Ransomware Campaigns

October 26, 2023 at 12:21PM A recent report on crypto crime found that ransomware attacks are increasing in prevalence, targeting major industries such as casinos, manufacturing, retail, and technology. Organizations must take specific steps to address these attacks, including understanding the threat, identifying internal signs of attack, and strengthening infrastructure. Utilizing threat intelligence and effective …