Author: nlqip
Experts agree that organisations need to conduct thorough audits and risk assessments. The best defences involve tight configuration management, software bill-of-materials tracking, security awareness training, and limiting what can be installed. “Understanding your attack surface and conducting regular external asset mapping exercises is critical,” Tim West, Director, Threat Intelligence at With Secure. “It is important…
Read MoreJun 13, 2024NewsroomSaaS Security / Shadow IT Recent supply chain cyber-attacks are prompting cyber security regulations in the financial sector to tighten compliance requirements, and other industries are expected to follow. Many companies still don’t have efficient methods to manage related time-sensitive SaaS security and compliance tasks. Free SaaS risk assessment tools are an easy…
Read MoreAI and the Indian Election As India concluded the world’s largest election on June 5, 2024, with over 640 million votes counted, observers could assess how the various parties and factions used artificial intelligence technologies—and what lessons that holds for the rest of the world. The campaigns made extensive use of AI, including deepfake impersonations…
Read MoreJun 13, 2024NewsroomMalware / Cyber Attack The nascent malware known as SSLoad is being delivered by means of a previously undocumented loader called PhantomLoader, according to findings from cybersecurity firm Intezer. “The loader is added to a legitimate DLL, usually EDR or AV products, by binary patching the file and employing self-modifying techniques to evade…
Read MoreJun 13, 2024NewsroomThreat Intelligence / Cyber Attack Threat actors with ties to Pakistan have been linked to a long-running malware campaign dubbed Operation Celestial Force since at least 2018. The activity, still ongoing, entails the use of an Android malware called GravityRAT and a Windows-based malware loader codenamed HeavyLift, according to Cisco Talos, which are…
Read MoreAs businesses increasingly migrate to the cloud, chief information security officers (CISOs) face numerous critical challenges in ensuring robust cloud security. Don’t believe me? Experts highlighted this at the recent Gartner Security & Risk Management Summit. Gartner projects a significant 24% increase in spending on cloud security, positioning it as the fastest-growing segment within the…
Read MoreApple announces a new privacy feature in iOS that will allow you to hide and lock away your apps – but will be philanderers who benefit the most? And an ex-police officer is arrested for extortion. All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham…
Read MoreJun 13, 2024NewsroomCyber Crime / Ransomware The Cyber Police of Ukraine has announced the arrest of a local man who is suspected to have offered their services to LockBit and Conti ransomware groups. The unnamed 28-year-old native of the Kharkiv region allegedly specialized in the development of crypters to encrypt and obfuscate malicious payloads in…
Read MoreJun 13, 2024NewsroomMobile Security / Vulnerability Google has warned that a security flaw impacting Pixel Firmware has been exploited in the wild as a zero-day. The high-severity vulnerability, tagged as CVE-2024-32896, has been described as an elevation of privilege issue in Pixel Firmware. The company did not share any additional details related to the nature…
Read MoreJun 13, 2024NewsroomCyber Attack / Malware A previously undocumented cross-platform malware codenamed Noodle RAT has been put to use by Chinese-speaking threat actors either for espionage or cybercrime for years. While this backdoor was previously categorized as a variant of Gh0st RAT and Rekoobe, Trend Micro security researcher Hara Hiroaki said “this backdoor is not…
Read More