Sixty-nine percent of organizations now manage more machine identities than human ones, with nearly half handling ten times as many. Machine identities—ranging from applications, databases, and bots to IoT devices and SaaS tools—are becoming more prevalent, with nearly three-quarters (72%)…
Tag: Information Security Buzz
Cyware Attains FedRAMP Ready Status
Cyware, a provider of threat intelligence management and cyber fusion solutions, has attained Federal Risk and Authorization Management Program (FedRAMP) Ready status. With FedRAMP Ready status, Cyware says it is positioned to accelerate the authorization process, facilitate broader implementation of…
Horizon3.ai Debuts NodeZero Kubernetes Pentesting to Strengthen Critical Infrastructure Defense
Horizon3.ai, a provider of autonomous security solutions, has debuted NodeZero Kubernetes Pentesting, a feature designed to empower entities with advanced offensive security capabilities within Kubernetes environments. Available to all NodeZero users, this tool helps security teams simulate real-world attacks within…
Volt Typhoon Gang and Botnet Re-Emerge Targeting Critical Infrastructure
Volt Typhoon, a stealthy and resilient state-sponsored cyber-espionage group has re-emerged as a severe and silent threat to critical infrastructure worldwide, demonstrating increased sophistication and determination. In January this year, the US Department of Justice said it disrupted the People’s…
Sophisticated Infostealers Top Malware Rankings
Cybercriminals are leveraging increasingly sophisticated attack methods, including the strategic deployment of infostealers, research from Check Point Software’s October 2024 Global Threat Index reveals. The report also notes that the ‘Lumma Stealer’ malware, which leverages fake CAPTCHA pages to infiltrate…
New Tool “GoIssue” Unleashes Advanced Phishing Threat to GitHub Users
A newly discovered tool named “GoIssue,” marketed on a prominent cybercrime forum, is bringing fresh concerns to the cybersecurity community with its ability to mine email addresses from GitHub profiles and send bulk phishing emails to targeted inboxes. Discovered by…
New Wave of Phishing Attacks Exploits Microsoft Visio Files for Two-Step Credential Theft
Researchers at cybersecurity firm Perception Point have identified a new type of two-step phishing attack that exploits Microsoft Visio files (.vsdx) and Microsoft SharePoint. This strategy uses the .vsdx format to embed malicious URLs, effectively bypassing conventional security measures and…
New Phishing Campaign Delivers Advanced Remcos RAT Variant
Fortinet’s FortiGuard Labs has uncovered a sophisticated phishing campaign distributing a new variant of the Remcos Remote Access Trojan (RAT). The campaign begins with a phishing email containing a malicious Excel document designed to exploit vulnerabilities and deliver the Remcos…
Six Questions to Ask Your Would-Be SIEM Provider
Gathering and deciphering data insights for usable solutions forms the foundation of a strong cybersecurity strategy. However, organizations are swimming in data, making this task complex. Traditional Security Information and Event Management (SIEM) tools are one method that organizations have…
An Ultimate Guide to Exchange Server Database Recovery
Databases in Exchange Server play a crucial role in the smooth functioning of an organization as all the critical information, such as emails, contacts, tasks, notes, calendars, etc., is stored in them. Sometimes, databases become corrupted due to server failure…