Internet intelligence firm GreyNoise reports that it has been tracking large waves of “Noise Storms” containing spoofed internet traffic since January 2020. However, despite extensive analysis, it has not determined their origin and purpose. These Noise Storms are suspected to be covert communications, DDoS attack coordination signals, clandestine command and control (C2) channels of malware operations, or the result…
Cloud-native workloads introduce a unique set of challenges that complicate traditional approaches to vulnerability management. Learn how to address these challenges and scale cloud-native VM in your org. As enterprises continue their migration to cloud-native architectures, the need for advanced vulnerability management (VM) strategies tailored specifically for cloud has intensified. The complexities inherent in cloud-native…
Business Security. Proper disclosure of a cyber-incident can help shield your business from further financial and reputational damage, and cyber-insurers can step in to help. 18 Sep 2024 • 4 min. read. ‘Seek legal advice’, this has to be my top recommendation if you have suffered a cyber-incident that could be deemed material, involves…
Cybersecurity in healthcare has never been more urgent. As the most vulnerable industry and largest target for cybercriminals, healthcare is facing an increasing wave of cyberattacks. When a hospital’s systems are held hostage by ransomware, it’s not just data at risk — it’s the care of patients who depend on life-saving treatments. Imagine an attack…
A clever threat campaign is abusing GitHub repositories to distribute malware targeting users who frequent an open source project repository or are subscribed to email notifications from it. A malicious GitHub user opens a new “issue” on an open source repository falsely claiming that the project contains a “security vulnerability” and urges others to visit a…
Sep 19, 2024 • Ravie Lakshmanan • Healthcare / Malware. Microsoft has revealed that a financially motivated threat actor has been observed using a ransomware strain called INC for the first time to target the healthcare sector in the U.S. The tech giant’s threat intelligence team is tracking the activity under the name Vanilla Tempest (formerly DEV-0832). “Vanilla Tempest…
In recent years, cybercriminals have increasingly adopted a tactic known as “living off the land” (LotL) to carry out devastating ransomware attacks. This approach involves using legitimate system administration tools and processes to evade detection and execute malicious activities. By leveraging trusted software already present on target systems, attackers can blend in with normal operations…
Sep 19, 2024 • Ravie Lakshmanan • Enterprise Security / DevOps. GitLab has released patches to address a critical flaw impacting Community Edition (CE) and Enterprise Edition (EE) that could result in an authentication bypass. The vulnerability is rooted in the ruby-saml library (CVE-2024-45409, CVSS score: 10.0), which could allow an attacker to log in as an arbitrary user…
Discord has introduced the DAVE protocol, a custom end-to-end encryption (E2EE) protocol designed to protect audio and video calls on the platform from unauthorized interception. DAVE was created with the help of cybersecurity experts at Trail of Bits, who also audited the E2EE system’s code and implementation. The new system will cover one-on-one audio and…
Europol and law enforcement from nine countries successfully dismantled an encrypted communications platform called “Ghost,” which was used by organized crime for activities such as drug trafficking and money laundering. Ghost featured advanced security and anonymization features, allowing the purchase of subscriptions with cryptocurrency, featuring three encryption layers, and a message self-destruction system that eliminated evidence from the…