16 matches found
Multi-Agent Framework for Threat Mitigation and Resilience in AI-Based Systems
Machine learning ML underpins foundation models in finance, healthcare, and critical infrastructure, making them targets for data poisoning, model extraction, prompt injection, automated jailbreaking, and preference-guided black-box attacks that exploit model comparisons. Larger models can be mor...
Ever Wonder How Hackers Really Steal Passwords? Discover Their Tactics in This Webinar
In today's digital age, passwords serve as the keys to our most sensitive information, from social media accounts to banking and business systems. This immense power brings with it significant responsibility—and vulnerability. Most people don't realize their credentials have been compromised unti...
Combine Qualys TruRisk™ and MITRE ATT&CK to Adopt Threat-Informed Defense to Reduce Risk
There are so many vulnerabilities disclosed daily that no one can patch all of them. Unfortunately, attackers can exploit them while you are still in the process of reviewing, prioritizing, and patching. Effective risk-based prioritization focuses your limited resources and remediation efforts...
Five Eyes Agencies Expose APT29's Evolving Cloud Attack Tactics
Cybersecurity and intelligence agencies from the Five Eyes nations have released a joint advisory detailing the evolving tactics of the Russian state-sponsored threat actor known as APT29. The hacking outfit, also known as BlueBravo, Cloaked Ursa, Cozy Bear, Midnight Blizzard formerly Nobelium, a...
Saints Turned Evil
Saints Turned Evil By Sushant Kumar Arya, Daksh Kapur and Rohan Shah · January 02, 2024 Attribution at the Bottom As technology advances, attackers are constantly developing new evasion mechanisms to bypass security products and stay one step ahead of security vendors and their products. We have...
TotalCloud Insights: Hidden Risks of Amazon S3 Misconfigurations
Misconfiguring Amazon S3 Buckets Can Pose Major Risks Amazon Web Services AWS is the world’s largest cloud security provider, and it provides the ability to store massive amounts of cloud-resident data with the Amazon Simple Storage Service S3 bucket. Amazon S3 is an object storage solution known...
Phishing as a Service Stimulates Cybercrime
With phishing attacks at an all-time high, phishing as a service PhaaS is turning this once-skilled practice into a pay-to-play industry. Understanding the latest attack tactics is critical to improving your email security strategy...
Business Email Compromise Attack Tactics
Is BEC more damaging than ransomware? What tactics are BEC actors using? How can organizations bolster their defenses? Jon Clay, VP of threat intelligence, tackles these pertinent questions and more to help reduce cyber risk...
Assess Your Risk From Ransomware Attacks, Powered by Qualys Research
Ransomware attacks are among the most significant cyber threats facing businesses today. Recent warnings about Conti ransomware, issued by a joint cybersecurity advisory from the U.S. Cybersecurity and Infrastructure Security Agency CISA, FBI and National Security Agency, are a strong signal that...
Dogged Persistence -- The Name of the Game for One DDoS Attacker
With DDoS, we typically observe a moderate degree of attacker persistence. DDoS attacks are relatively easy to launch from a number of online booter services, and the availability of cryptocurrencies for payment has made it easy to remain anonymous. Attackers can try their hand at DDoS for little...
[eBook] A Guide to Stress-Free Cybersecurity for Lean IT Security Teams
Today's cybersecurity landscape is enough to make any security team concerned. The rapid evolution and increased danger of attack tactics have put even the largest corporations and governments at heightened risk. If the most elite security teams can't prevent these attacks from happening, what ca...
Cybersecurity Webinar — SolarWinds Sunburst: The Big Picture
The SolarWinds Sunburst attack has been in the headlines since it was first discovered in December 2020. As the so-called layers of the onion are peeled back, additional information regarding how the vulnerability was exploited, who was behind the attack, who is to blame for the attack, and the...
VideoBytes: Ransomware gets wasted!
Hello dear readers, and welcome to the latest edition of VideoBytes! On todays episode, were talking about how ransomware is on the rise again, focused on attacking corporations with malware that not only encrypts files, but also steals it. The tactics used to deploy these forms of ransomware hav...
2020 Cybersecurity Outlook Report
In case you missed it, we are excited to release our latest report from the VMware Carbon Black Threat Analysis Unit TAU, the “2020 Cybersecurity Outlook Report”. In the search for clarity in the modern attacker vs. defender battle, it’s all about behaviors. More broadly, we explore the age-old...
Slideshow: Intel from Virus Bulletin 2018
This year’s Virus Bulletin 2018, held in Montreal Oct. 3-5, featured a keynote from Microsoft’s John Lambert and a range of threat intelligence research from BAE Systems, Check Point, Cisco Talos, Citizens Lab, Digita Security, ESET, GoSecure, Kaspersky Lab, Malwarebytes, Sophos Security and more...
Apache Shows How to Handle a Network Compromise
The Apache Software Foundation last week was the victim of a serious network attack in which a number of its Web servers and other machines were compromised by attackers who were able to gain root privileges and jump from machine to machine. The incident was embarrassing and a serious problem for...