17 matches found
New Detection Method Uses Hackers’ Own Jitter Patterns Against Them
A new detection method from Varonis Threat Labs turns hackers' sneaky random patterns into a way to catch hidden cyberattacks. Learn about Jitter-Trap and how it boosts cybersecurity defenses...
Capacity is Critical in Riskier Threat Landscape
International cooperation, reporting, and capacity building are critical to enhance cybersecurity defenses. Effective governance in an increasingly risky landscape requires visibility as well as coordinated vulnerability disclosure...
Debunking the AI Hype: Inside Real Hacker Tactics
Is AI really reshaping the cyber threat landscape, or is the constant drumbeat of hype drowning out actual, more tangible, real-world dangers? According to Picus Labs' Red Report 2025 which analyzed over one million malware samples, there's been no significant surge, so far, in AI-driven attacks...
Cyber Story Time: The Boy Who Cried "Secure!"
As a relatively new security category, many security operators and executives I've met have asked us "What are these Automated Security Validation ASV tools?" We've covered that pretty extensively in the past, so today, instead of covering the "What is ASV?" I wanted to address the "Why ASV?"...
The Fundamentals of Cloud Security Stress Testing
״Defenders think in lists, attackers think in graphs," said John Lambert from Microsoft, distilling the fundamental difference in mindset between those who defend IT systems and those who try to compromise them. The traditional approach for defenders is to list security gaps directly related to...
Protecting credentials against social engineering: Cyberattack Series
Our story begins with a customer whose help desk unwittingly assisted a threat actor posing as a credentialed employee. In this fourth report in our ongoing Cyberattack Series, we look at the steps taken to discover, understand, and respond to a credential phishing and smishing text-based phishin...
ACSC Essential 8 Cybersecurity Strategies, Maturity Levels, and Best Practices
Originally published in 2017 as an evolution of the Australian Signals Directorate’s Strategies to Mitigate Cyber Security Incidents, the Australian Cyber Security Centre ACSC Essential 8 E8 consists of a set of strategies that can make it harder for threat actors to compromise a firm’s...
White House urges US businesses: Protect against potential Russian cyberattacks
On Monday, the White House told US business leaders to toughen up their cybersecurity defenses against a potential cyberattack from Russia. "The Biden-Harris Administration has warned repeatedly about the potential for Russia to engage in malicious cyber activity against the United States in...
U.S. Government Warns Companies of Potential Russian Cyber Attacks
The U.S. government on Monday once again cautioned of potential cyber attacks from Russia in retaliation for economic sanctions imposed by the west on the country following its military assault on Ukraine last month. "It's part of Russia's playbook," U.S. President Joe Biden said in a statement,...
US Media, Retailers Targeted by New SparklingGoblin APT
An emerging international cybergang is broadening its targets to include North American media firms, universities and one computer retailer. The advanced persistent threat APT group is new, according to researchers who dubbed it SparklingGoblin. Also new is a novel backdoor technique, called...
US offers huge reward in fight against state-sponsored cybercriminals
The US Department of State has announced that its Rewards for Justice RFJ program is now offering: …up to $10 million for information leading to the identification or location of any person who, while acting at the direction or under the control of a foreign government, participates in malicious...
The Threat That Never Went Away Is Back (with a Vengeance)
What is your recollection of May 2017? Emmanuel Macron won the French election. The Ringling Bros. and Barnum & Bailey Circus gave its final performance after a 146-year run. The U.S. FCC voted to overturn net neutrality rules. And the National Health Service in the United Kingdom was crippled by...
These Hacks Require Literally Sneaking in the Backdoor
After slipping past security, picking a backdoor lock and gaining access to a company’s inner sanctum, a skilled hacker can cause mayhem. They can plant malware on a network, grab physical files and walk out the front door with a donut pilfered from the employee break room. Meet the world of a...
Protecting Against Ransomware Attacks: A Checklist
Sometimes all it takes is a malicious email to infect an entire municipality with ransomware, freezing important city systems from water utilities or websites. That was the case with the Florida city of Riviera Beach, which paid hackers $600,000 after being hit by a ransomware attack that downed...
How to Mature Your Threat Hunting Program with the ATT&CK™ Framework
John Wunder, Principal Cybersecurity Engineer at MITRE spoke in a recent webinar about how the ATT&CK framework is a knowledgebase of adversary behaviors, describing the things that are tough for the adversary to change – those at the top of David J. Bianco’s influential Pyramid of Pain. Wunder...
Researchers Developed Artificial Intelligence-Powered Stealthy Malware
Artificial Intelligence AI has been seen as a potential solution for automatically detecting and combating malware, and stop cyber attacks before they affect any organization. However, the same technology can also be weaponized by threat actors to power a new generation of malware that can evade...
Cerber: Analyzing a Ransomware Attack Methodology To Enable Protection
Ransomware is a common method of cyber extortion for financial gain that typically involves users being unable to interact with their files, applications or systems until a ransom is paid. Accessibility of cryptocurrency such as Bitcoin has directly contributed to this ransomware model. Based on...