In one of the largest coordinated law enforcement operations, authorities have dismantled Kidflix, a streaming platform that offered child sexual abuse material (CSAM). “A total […]
Legacy Stripe API Exploited to Validate Stolen Payment Cards in Web Skimmer Campaign
Threat hunters are warning of a sophisticated web skimmer campaign that leverages a legacy application programming interface (API) from payment processor Stripe to validate stolen […]
DPRK ‘IT Workers’ Pivot to Europe for Employment Scams
By using fake references and building connections with recruiters, some North Korean nationals are landing six-figure jobs that replenish DPRK coffers. ​The original article found […]
In Salt Typhoon’s Wake, Congress Mulls Potential Options
While the House Committee on Government Reform was looking for retaliatory options, cybersecurity experts pointed them toward building better defenses. ​The original article found on […]
Gootloader Malware Resurfaces in Google Ads for Legal Docs
Attackers target a familiar industry, law professionals, by hiding the infostealer in ads delivered via Google-based malvertising. ​The original article found on darkreading Read More
Google Fixed Cloud Run Vulnerability Allowing Unauthorized Image Access via IAM Misuse
Cybersecurity researchers have disclosed details of a now-patched privilege escalation vulnerability in Google Cloud Platform (GCP) Cloud Run that could have allowed a malicious actor […]
How an Interdiction Mindset Can Help Win War on Cyberattacks
The US military and law enforcement learned to outthink insurgents. It’s time for cybersecurity to learn to outsmart and outmaneuver threat actors with the same […]
Visibility, Monitoring Key to Enterprise Endpoint Strategy
A successful enterprise security defense requires a successful endpoint security effort. With options ranging from EDR, SIEM, SOAR, and more, how do security teams cut […]
Outlaw Group Uses SSH Brute-Force to Deploy Cryptojacking Malware on Linux Servers
Cybersecurity researchers have shed light on an “auto-propagating” cryptocurrency mining botnet called Outlaw (aka Dota) that’s known for targeting SSH servers with weak credentials. “Outlaw […]
Helping Your Clients Achieve NIST Compliance: A Step by Step Guide for Service Providers
Introduction As the cybersecurity landscape evolves, service providers play an increasingly vital role in safeguarding sensitive data and maintaining compliance with industry regulations. The National […]