Geek-Guy.com

173 search results for "security operations"

How do you unlock automation within IT security and IT operations?

The proliferation of endpoints in today’s enterprises is outpacing the ability of IT operations and security teams to cost-effectively manage increasingly complex environments.  Already stretched thin, teams face the daunting task of securing vast IT estates with siloed tools, stale data, and other hindrances that create the perfect “imperfect” environment for vulnerabilities. And simply adding…

Vectra AI, Lumifi Partner to Enhance XDR Security and SOC Operations

Vectra AI, a vendor of AI-driven extended detection and response (XDR) has partnered with managed detection and response (MDR) provider Lumifi to bring Vectra AI’s platform to Lumifi customers. Randy Schirman, channel chief of Vectra AI, and David Norlin, CTO at Lumifi spoke with Channel Insider to share more about why and how their partnership…

Staying Ahead: Key Cloud-Native Security Practices

Can Effective Non-Human Identities and Secrets Management Bolster Your Cloud-Native Security Practices? The revolution in technology has seen a significant shift in business operations, with many organizations adopting cloud-native applications. These applications offer various benefits, including scalability, versatility, and cost-efficiency. However, they also open a Pandora’s box of security threats. In the sea of these…

Treasury sanctions Chinese cybersecurity company, affiliate for Salt Typhoon hacks 

The Department of the Treasury has sanctioned a Chinese national and a cybersecurity company based in Sichuan, China, for taking part in the Salt Typhoon hacking campaign that has swept up data from at least nine U.S. telecommunications companies. The department’s Office of Foreign Assets Control (OFAC) named Yin Kecheng of Shanghai and the Sichuan…

Closing software-understanding gap is critical to national security, CISA says

With Chinese-sponsored hackers lingering in the IT systems of various U.S. critical infrastructure networks, potentially imminent threats to the country’s national security abound. The Cybersecurity and Infrastructure Security Agency and federal partners hope to lessen that threat by closing a so-called “software understanding gap.” In a document released Thursday with the Defense Advanced Research Projects…

How HHS has strengthened cybersecurity of hospitals and health care systems

Hospitals and health systems across the country are experiencing a significant rise in cyberattacks. These cyber incidents have caused extended disruptions, patient diversion to other facilities, and the cancellation of medical appointments and procedures — all of which undermine patient care and safety. These attacks also expose vulnerabilities in our health care system and degrade…

EU’s DORA could further strain cybersecurity skills gap

Efforts spent in achieving compliance with the EU’s Digital Operational Resilience Act (DORA) are likely to pile further pressure on the already strained cybersecurity skills market. DORA, which comes into full effect today, aims to improve the cybersecurity and operational resilience of financial institutions in the EU, including banks, insurance companies, and investment firms. The…

SIEM buyer’s guide: Top 15 security information and event management tools — and how to choose

Security information and event management (SIEM) is a blue-collar tool for network security professionals. There’s nothing remotely glamorous about auditing, reviewing, and managing event logs, but it’s one of the more important aspects of building a secure enterprise network. In an industry increasingly driven by automation and AI, deep contextual data is a foundational component in…

Enhancing Cybersecurity with Zero Trust Security

As technology advances, so do the threats to our online security. In today’s digital landscape, organizations face a multitude of advanced threats that can compromise sensitive data and disrupt operations. It is crucial for businesses to stay informed about the latest security exploits and implement robust cybersecurity measures to protect themselves from potential cyberattacks. One…

Second Biden cyber executive order directs agency action on fed security, AI, space

A draft cybersecurity executive order would tackle cyber defenses in locations ranging from outer space to the U.S. federal bureaucracy to its contractors, and address security risks embedded in subjects like cybercrime, artificial intelligence and quantum computers. The draft, a copy of which CyberScoop obtained, constitutes one big last stab at cybersecurity in the Biden…

Biden’s final push: Using AI to bolster cybersecurity standards

In a decisive move to strengthen national cybersecurity, President Joe Biden is poised to sign an executive order imposing stringent security standards for federal agencies and contractors. Scheduled for publication in the coming days, the directive will emphasize integrating artificial intelligence (AI) into cyber defense strategies while addressing systemic vulnerabilities in software security, reported Reuters.…

Coro CEO on SMB Security Needs & Corporate Tech Sprawl

Security vendor Coro focuses on bringing the power of an all-in-one platform solution to small and medium-sized businesses (SMBs) and the channel partners who serve them. As 2025 kicks off in full force, CEO Guy Moskowitz shared his thoughts on areas of concern and opportunity with Channel Insider. SMBs need the “same thing” as enterprises,…

What is ‘security theater’ and how can we move beyond it?

Conventional wisdom assumes that the more vulnerabilities a security tool flags, the easier it will be for a company to secure its infrastructure. In theory, layering more tools into a tech stack should equal more effective attack surface monitoring, right? Well, reality isn’t quite panning out like that.  If anything, tool sprawl has created an…

Malware targets Mac users by using Apple’s security tool

A variant of the Banshee macOS infostealer was seen duping detection systems with new string encryption copied from Apple’s in-house algorithm. A Check Point research, which caught the variant after two months of successful evasion, said threat actors distributed Banshee using phishing websites and fake GitHub repositories, often impersonating popular software like Google Chrome, Telegram,…

China-linked hackers target Japan’s national security and high-tech industries

Japan’s National Police Agency (NPA) and the National Center of Incident Readiness and Strategy for Cybersecurity (NISC) have exposed a long-running cyber espionage campaign, “MirrorFace” (also known as Earth Kasha), allegedly linked to China. The campaign, operational since 2019, has targeted Japanese organizations, businesses, and individuals, primarily to exfiltrate sensitive data related to national security…

SOAR buyer’s guide: 11 security orchestration, automation, and response products — and how to choose

Security orchestration, automation, and response (SOAR) has undergone a major transformation in the past few years. Features in each of the words in its description that were once exclusive to SOAR have bled into other tools. For example, responses can be found now in endpoint detection and response (EDR) tools. Orchestration is now a joint…

Optimizing Cloud Security with Advanced Secrets Scanning

Why is Secrets Scanning Critical for Cloud Security? Have you ever considered how secrets scanning could be the vital ingredient your organization needs to optimize cloud security? As technology advances at a relentless pace, so do the threats and vulnerabilities that pose significant risks to business operations. The challenge for cybersecurity professionals lies in equipping…

To Ban TikTok, Supreme Court Would Rank “National Security” Before First Amendment

There are limits to the First Amendment, under established U.S. Supreme Court precedent. There is no constitutional protection for inciting violence, committing perjury, or child pornography, for example. But when the justices convene on Friday to consider legislation that would effectively ban the video-based social media app TikTok in the United States as of January…

How CISOs can forge the best relationships for cybersecurity investment

When it comes to securing cybersecurity investments there are many things at play. The key often lies in the CISO’s ability to build relationships with key stakeholders across the organization. However, CISOs are being tasked with protecting their organizations while navigating budget constraints. Although nearly two-thirds of CISOs report budget increases, funding is only up…

CyTwist Launches Advanced Security Solution to identify AI-Driven Cyber Threats in minutes

CyTwist, a leader in advanced next-generation threat detection solutions, has launched its patented detection engine to combat the insidious rise of AI-generated malware. The cybersecurity landscape is evolving as attackers harness the power of artificial intelligence (AI) to develop advanced and evasive threats. The rise of AI-generated malware and AI-enhanced cyberattacks has escalated the threat…

US military allocated about $30 billion to spend on cybersecurity in 2025

The United States military will receive about $30 billion in cybersecurity funding in fiscal 2025 from $895.2 billion earmarked for US military activities under the National Defense Authorization Act (NDAA), an annual piece of must-pass legislation signed by President Joe Biden last month. The nearly 1,000-page bill’s budget doesn’t enable clear-cut or quick calculations of…

How eBPF is changing appsec | Impart Security

What happens when cutting-edge technology meets the reality of securing modern applications? That’s the question our expert panel tackled in this conversation on how eBPF is reshaping application security. Moderated by Katie Norton of IDC, the discussion featured Brian Joe (Impart Security), Francesco Cipollone (Phoenix Security), and Daniel Pacak (cloud-native security consultant), who brought insights…

12 cybersecurity resolutions for 2025

As cyber threats continue to evolve, CISOs must prepare for an increasingly complex threat landscape. From dealing with AI-driven attacks to managing changing regulatory requirements, it’s clear that 2025 will be another big year for CISOs. But staying ahead requires more than just implementing the next cutting-edge set of tools or technologies. It demands a…

US government sanctions Chinese cybersecurity company linked to APT group

The US Department of Treasury’s Office of Foreign Assets Control (OFAC) has issued sanctions against a Beijing cybersecurity company for its role in attacks attributed to a Chinese cyberespionage group known as Flax Typhoon. The company, called Integrity Technology Group (Integrity Tech), is accused of providing the computer infrastructure that Flax Typhoon used in its…

Cross-Domain Attacks: A Growing Threat to Modern Security and How to Combat Them

In the past year, cross-domain attacks have gained prominence as an emerging tactic among adversaries. These operations exploit weak points across multiple domains – including endpoints, identity systems and cloud environments – so the adversary can infiltrate organizations, move laterally and evade detection. eCrime groups like SCATTERED SPIDER and North Korea-nexus adversaries such as FAMOUS

NSFOCUS ISOP Listed in The Security Analytics Platform Landscape Report by Forrester

SANTA CLARA, Calif., December 30, 2024 – We are thrilled to announce that NSFOCUS was selected as the notable vendor of Forrester The Security Analytics Platform Landscape, Q4 by its ISOP (Intelligent Security Operations Platform) with built-in NSFGPT AI assistant and AI-empowered security operation scenarios. “The security analytics platform is the core of the security…

SaaS SIEM: Transforming Cybersecurity with Seceon’s Innovative ApproachSaaS SIEM

As organizations continue to shift toward digital-first operations, the demand for robust cybersecurity solutions has never been greater. Cyber threats are evolving at an unprecedented rate, and businesses must remain agile to protect sensitive data and operations. Security Information and Event Management (SIEM) systems have long been a critical tool in this effort. However, the…

7 biggest cybersecurity stories of 2024

Cybersecurity headlines were plenty this year, with several breaches, attacks, and mishaps drawing worldwide attention. But a few incidents in particular had far-reaching consequences, with the potential to reshape industry protections, shake up how vendors secure customers’ systems, or drive security leaders to reassess their strategies. Longer-term trends such as increased cybersecurity regulations and the…

The year in ransomware: Security lessons to help you stay one step ahead

Operation Cronos, a Europol-led coalition of law enforcement agencies from 10 countries, announced in February that it had disrupted LockBit — one of the most prolific ransomware gangs in the world — at “every level” of its operations. Being responsible for 25% to 33% of all ransomware attacks in 2023, LockBit had become target No.…

How Secure Automation Saves Your Cloud Operations

Why is Secure Automation Essential for Cloud Operations? Modern businesses operate within a complex ecosystem. How can they ensure their cloud operations remain secure, streamlined, and efficient? The answer lies in secure automation. This blog post will delve into why secure automation is a must-have for any business, especially those relying heavily on cloud-based operations…

Russia bans cybersecurity company Recorded Future

Russia banned the cybersecurity company Recorded Future on Wednesday, labeling it an “undesirable” organization — much to its CEO’s delight. The company stands accused of collaborating with the Central Intelligence Agency, Ukraine and other countries.  “They provide information and technical support for the propaganda campaign launched by the West against Russia,” Russia’s Office of Prosecutor…

The Cybersecurity Stories that Defined 2024 in the Channel

More than ever, cybersecurity posture is an incredibly important aspect of the IT channel, with wide-ranging implications. As we continue to generate colossal amounts of data, protecting systems and clients has become a challenging task that requires partnerships, new emerging solutions, and acquisitions to overcome such a challenge. Over the course of 2024, there have…

Seamless API Threat Detection and Response: Integrating Salt Security and CrowdStrike NG-SIEM

APIs are essential for modern digital business operations, enabling smooth connectivity and data exchange between applications. However, the growing dependence on APIs has unintentionally widened the attack surface, making strong API security a vital concern for organizations. Traditional security measures often prove inadequate in effectively safeguarding this changing landscape. To address this challenge, integrating specialized…

Future of proposed US cybersecurity healthcare bills in doubt

Six months after Congressional hearings that promised action on the massive Change Healthcare ransomware attack and data theft, three pieces of proposed legislation to tighten cybersecurity requirements on healthcare providers are waiting to be dealt with. But Senators have left the proposals too late in the legislative calendar: Experts say the issue will likely only…

Navigating Cloud Security for Future Proofing Your Assets

Why is Cloud Security Imperative for Asset Protection? As businesses increasingly migrate their operations to the cloud, the demand for effective cloud security strategies gains precedence. The criticality of this requirement becomes glaringly obvious when one considers asset protection. But how does cloud security play into the grand scheme of asset protection? And how does…

10 wichtige Security-Eigenschaften: So setzen Sie die Kraft Ihres IT-Sicherheitstechnik-Teams frei

Lesen Sie, worauf es bei der Zusammenarbeit zwischen Ihrem IT-Security- und Engineering-Team ankommt. Foto: Lipik Stock Media – shutterstock.com Security-Teams bestehen in erster Linie aus Mitarbeitern, die für den Betrieb und die Einhaltung von Vorschriften und Richtlinien zuständig sind. IT-Sicherheitstechnik-Teams, neudeutsch Security-Engineering-Teams, hingegen sind Konstrukteure. Sie entwickeln Dienste, automatisieren Prozesse und optimieren Bereitstellungen, um das…

International crackdown disrupts DDoS-for-hire operations

In a sweeping international crackdown, law enforcement agencies from 15 countries, including the United States and multiple European nations, have dismantled 27 of the most popular platforms used for carrying out distributed denial-of-service (DDoS) attacks, Europol announced Wednesday. The operation, known as PowerOFF, has led to the arrest of three administrators in France and Germany…

A security ‘hole’ in Krispy Kreme Doughnuts helped hackers take a bite

Global Doughnut and coffee chain owner Krispy Kreme, famous for its “original glazed doughnuts,” has a “portion of their IT systems” disrupted by a cyberattack. In an SEC filing on Wednesday, the global doughnut business said it suffered a cybersecurity incident that has hampered part of its online business in the US. “Krispy Kreme shops…

The 7 most in-demand cybersecurity skills today

Cybersecurity teams find themselves understaffed, overburdened, and rushing to keep up with a rapidly changing threat landscape, as cyberattackers continually devise new ways to attack organizations — and organizations accelerate their embrace of the latest technologies. As a result, security professionals must continually upskill themselves to ensure they keep pace with organizations’ latest skill demands.…

Cybersecurity Risks of Rushing into Digital Transformation

Digital transformation is the buzzword of the decade. Businesses are racing to modernize their operations, adopt cloud technologies, and embrace automation. It’s an exciting time, no doubt, but in the rush to stay ahead, have you considered the cybersecurity risks that come with it? While digital transformation offers numerous benefits—efficiency, scalability, and improved customer experiences—rushing…

Email Security Best Practices: A Guide for Your Business

Email is the lifeblood of business communication, but it’s also a prime target for cyber threats. If your email security isn’t airtight, you’re leaving the door wide open to cybercriminals who are more than eager to exploit any vulnerability.  The good news? Protecting your email doesn’t have to be complicated.  With the right practices in…

CISA Red Team’s Operations Against a Federal Civilian Executive Branch Organization Highlights the Necessity of Defense-in-Depth

EXECUTIVE SUMMARY In early 2023, the Cybersecurity and Infrastructure Security Agency (CISA) conducted a SILENTSHIELD red team assessment against a Federal Civilian Executive Branch (FCEB) organization. During SILENTSHIELD assessments, the red team first performs a no-notice, long-term simulation of nation-state cyber operations. The team mimics the techniques, tradecraft, and behaviors of sophisticated threat actors and…

People’s Republic of China (PRC) Ministry of State Security APT40 Tradecraft in Action

Overview Background This advisory, authored by the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), the United States Cybersecurity and Infrastructure Security Agency (CISA), the United States National Security Agency (NSA), the United States Federal Bureau of Investigation (FBI), the United Kingdom National Cyber Security Centre (NCSC-UK), the Canadian Centre for Cyber Security (CCCS),…

A Brief Guide for Dealing with ‘Humanless SOC’ Idiots

image by Meta.AI lampooning humanless SOC My former “colleagues” have written several serious pieces of research about why a SOC without humans will never happen (“Predict 2025: There Will Never Be an Autonomous SOC”, “The “Autonomous SOC” Is A Pipe Dream”, “Stop Trying To Take Humans Out Of Security Operations”). But I wanted to write…

New Paper: “Future of SOC: Transform the ‘How’” (Paper 5)

After a long, long, long writing effort … eh … break, we are ready with our 5th Deloitte and Google Cloud Future of the SOC paper “Future of SOC: Transform the ‘How’.” As a reminder (and I promise you do need it; it has been years…), the previous 4 papers are: “New Paper: “Future of the SOC: Evolution or…

UN agency’s job application database breached, 42,000 records stolen

The International Civil Aviation Organization (ICAO) on Tuesday said that it is “actively investigating reports of a potential information security incident allegedly linked to a threat actor known for targeting international organizations,” and has initially concluded that “approximately 42,000 recruitment application data records from April 2016 to July 2024” were stolen. In its initial statement,…

What Top Technologies IT Leaders Want From Solution Providers in 2025

Now that we’ve turned the page over to the new year, organizations will begin to set their sights on what technologies and services they should prioritize this year. Enterprises must deliver successful digital initiatives while navigating budget constraints. According to Gartner’s 2025 CIO Agenda, CIOs should aim to “grow the digital vanguard by making it…

SquareX Researchers Expose OAuth Attack on Chrome Extensions Days Before Major Breach

SquareX, an industry-first Browser Detection and Response (BDR) solution, leads the way in browser security. About a week ago, SquareX reported large-scale attacks targeting Chrome Extension developers aimed at taking over the Chrome Extension from the Chrome Store. On December 25th, 2024, a malicious version of Cyberhaven’s browser extension was published on the Chrome Store that…

CISSP Domains and Guidance

The ISC2 (International Information System Security Certification Consortium) has several certifications, each with its own domains of knowledge. To give you the most relevant information, I need to know which certification you’re interested in. However, since the CISSP (Certified Information Systems Security Professional) is one of their most popular certifications, we provide those domains as…

Kindo Unveils New Channel Partner Program for AI-Powered DevSecOps Solutions

Cybersecurity company, Kindo, is launching a new channel partner program aimed at empowering value-added resellers (VARs), MSPs, and other partners to deliver their AI-augmented security operations to DevSecOps teams on a global scale to accelerate growth and expand market reach. Program signals Kindo’s desire for mutual success According to the company, its channel partner program…

From reactive to proactive: Redefining incident response with unified, cloud-native XDR

In today’s rapidly evolving threat landscape, cybersecurity is a constant game of cat and mouse. The average security operations center (SOC) team receives 4,484 alerts every day and can spend up to 3 hours manually triaging to understand which signals represent a genuine threat and which are just noise. However, this model traps SOCs in…

Arctic Wolf acquires Cylance from BlackBerry for $160 million

Minnesota-based Arctic Wolf, a cybersecurity operations firm, announced an agreement Monday to acquire BlackBerry’s Cylance business for $160 million, a stark drop from the $1.4 billion BlackBerry initially paid to acquire the startup in 2018.  Arctic Wolf is integrating Cylance’s AI-powered endpoint security technology into its platform to broaden its security solutions. With this acquisition,…

SonicWall Partners with CrowdStrike to Protect SMBs with New MDR Offering

Recently, SonicWall announced that it would be partnering with CrowdStrike to deliver a new Managed Detection and Response (MDR) offering to bring enterprise-grade security to small- and medium-sized businesses (SMBs). SonicWall and CrowdStrike bring together services and products SonicWall’s trusted Managed Security Services (MSS) combines with CrowdStrike’s Endpoint Detection and Response (EDR) capabilities from the…

EU to take aim at healthcare cyber threat

The European Commission is presenting an action plan to strengthen cybersecurity in healthcare as one of its key priorities in the first 100 days of the commission’s new mandate. The healthcare sector has been under increasing pressure from cyberattacks in the past few years, with 309 cybersecurity incidents reported by member states in 2023. Ransomware…

DOGE Got Sued Three Times While Elon Musk Watched The Trump Inauguration

In less than 30 minutes on Monday, Elon Musk and his so-called Department of Government Efficiency were hit with three different lawsuits over the legal status of the effort to find federal regulations to eliminate and federal employees to fire. The lawsuits landed as Musk rubbed elbows with fellow billionaires at President Donald Trump’s inauguration.…

Midsize firms universally behind in slog toward DORA compliance

Beginning Friday, Jan. 17, all EU financial institutions are now required to operate in compliance with the Digital Operational Resilience Act (DORA). The EU directive aims to increase cybersecurity in the financial industry. However, studies show that many companies are still struggling with implementation. According to a November 2024 survey from metafinanz, the average level…

How Imperva Protects the Arts Industry from Ticketing Abuse by Carding Bots

The ticketing industry is under constant threat from malicious bots, with bad actors targeting these platforms for financial gain. Bots accounted for 31.1% of all traffic to entertainment platforms in 2024, with attacks ranging from scalping and credential stuffing to carding operations. When one public museum experienced a surge in fraudulent transactions, they turned to…

US hits back against China’s Salt Typhoon group

The US is hitting back against the threat group, dubbed Salt Typhoon by Microsoft, which is allegedly behind recent cyber attacks against American telecommunications providers, as part of a wider campaign against Chinese-based hacking. On Friday the Department of the Treasury’s Office of Foreign Assets Control (OFAC) said it is sanctioning Sichuan Juxinhe Network Technology,…

TSA extends cyber requirements for pipeline owners

The Transportation Security Administration is locking in a pair of pipeline directives for additional years ahead of the looming White House transition. In a posting to the Federal Register on Friday, the Department of Homeland Security component said it ratified the Security Directive Pipeline-2021-01 series and the Security Directive Pipeline-2021-02 series and would extend the…

Restoring U.S. cyber resilience: A blueprint for the new administration

As the incoming Trump administration prepares to take office, it confronts a critical juncture for cybersecurity. The escalating digital threats from state-sponsored adversaries like China, Iran, North Korea and Russia coincide with fractured global governance and a shifting domestic policy landscape. This moment presents a unique opportunity for the administration to establish itself as a…

What is a Managed Service Provider (MSP)?

A managed service provider (MSP) is a third-party company that remotely manages a customer’s IT infrastructure and end-user systems. They deliver services like network, application, infrastructure, and security services through ongoing and regular support with active administration on customers’ premises. Small- and medium-sized businesses (SMBs), nonprofits, and government agencies that lack in-house resources hire MSPs…

Was ist ein Payload?

Ähnlich wie damals die griechischen Soldaten, die im Inneren des trojanischen Pferdes auf den passenden Zeitpunkt lauerten, werden Payloads zum Beispiel in vermeintlich harmlosen Dateianhängen versteckt und starten ihren Angriff oftmals durch einen Trigger zu einem späteren Zeitpunkt. Foto: wk1003mike – shutterstock.com Der Begriff „Payload“ hat seinen Ursprung im Transportwesen. Dort beschreibt „Nutzlast“ die Menge…

Treasury sanctions North Korea over remote IT worker schemes

The U.S. Treasury Department announced sanctions Thursday against two individuals and four entities allegedly involved in generating revenue for North Korea through illicit remote IT workforce operations, the latest salvo in ongoing efforts to disrupt financial streams that support Pyongyang’s weapons programs. The sanctions focus on efforts in which North Korea sent thousands of skilled…

Microsoft catches Russian state-sponsored hackers shifting tactics to WhatsApp

The cat-and-mouse game between state-sponsored Russian hackers and one of the world’s biggest technology companies has continued into 2025.  Microsoft’s threat intelligence team published research Thursday examining how a state-sponsored Russian threat actor group, known as Star Blizzard, has altered its longstanding attack strategies to target WhatsApp accounts. This attack vector is a significant change…

The CFO may be the CISO’s most important business ally

CISOs frequently encounter inherent conflicts with business colleagues in their day-to-day responsibilities. In many ways, this is the nature of setting security policies for an organization. But the goal for CISOs should be to reset this dynamic and forge a strong, collaborative alliance with their critical leadership counterparts. Take the CFO, for example. For many…

International effort erases PlugX malware from thousands of Windows computers

The US has again taken court-approved action to remove malware from privately-held internet-connected computers across the country, part of an effort by a number of countries to combat infections of a version of the PlugX malware from a Chinese-based group that has infected thousands of Windows machines around the world. PlugX is a remote access…

Law enforcement action deletes PlugX malware from thousands of machines

U.S. and international law enforcement agencies have removed the PlugX malware from thousands of computers worldwide in a coordinated campaign to blunt the effectiveness of one of the most infamous pieces of malware used by malicious cyber actors. According to recently unsealed court documents from the Eastern District of Pennsylvania, the U.S. Department of Justice…

Fancy Bear spotted using real Kazak government documents in spearpishing campaign

A hacking group linked to Russian intelligence has been observed leveraging seemingly legitimate documents from the Kazakhstan government as phishing lures to infect and spy on government officials in Central Asia, according to researchers at Sekoia. The files, laced with malware, include draft versions of diplomatic statements, correspondence letters, internal administrative notes and other documents…

Hotel chain ditches Google search for DuckDuckGo — ‘subjected to fraud attempts daily’

At the end of 2021, Nordic Choice Hotels, now renamed Strawberry, was hit by a major ransomware attack that paralyzed operations for just over a week. Everything had to be done manually, says Martin Belak, who is responsible for the hotel chain’s technical security. “The receptionists worked with whiteboards to keep track of which rooms…

Trump and others want to ramp up cyber offense, but there’s plenty of doubt about the idea

In recent months, incoming Trump administration national security adviser Mike Waltz and some lawmakers have suggested that in response to Chinese cyber breaches, the United States needs to prioritize taking more aggressive offensive actions in cyberspace rather than emphasizing defense. It’s been said before. And it’s easier said than done. Experts that spoke with reporters…

Network Configuration and Change Management Best Practices

Managing network configurations and changes is a critical component of modern IT operations, ensuring organizations maintain security, operational efficiency, and business continuity. In today’s fast-paced and complex technology environments, even… The post Network Configuration and Change Management Best Practices appeared first on Security Boulevard.

CISOs embrace rise in prominence — with broader business authority

It’s a familiar refrain: As cybersecurity has become a core business priority, it is no longer a siloed operation, and the responsibilities of CISOs have grown, giving them greater prominence within the organization. According to CSO’s 2024 Security Priorities Study, 72% of security decision-makers say their role has grown to include additional responsibilities over the…

Russian nationals charged with operating crypto mixers that masked cybercrime funds

Three Russian nationals were indicted this week for their roles in managing a pair of cryptocurrency mixing services, operations that were funded in part by money gained through ransomware attacks.  The indictment from a federal grand jury in the Northern District of Georgia alleges that Roman Vitalyevich Ostapenko, 55, Alexander Evgenievich Oleynik, 44, and Anton…

SEC rule confusion continues to put CISOs in a bind a year after a major revision

Confusion around when and how to report cybersecurity breaches continues to plague companies a year after revised US Securities and Exchange Commission (SEC) cybersecurity breach reporting rules came into effect, experts say. As the agency that regulates and enforces federal US securities laws continues to flex its enforcement muscles against organizations that violate the strict…

Ivanti zero-day exploited by APT group that previously targeted Connect Secure appliances

Researchers from Google’s Mandiant division believe the critical remote code execution vulnerability patched on Wednesday by software vendor Ivanti has been exploited since mid-December by a Chinese cyberespionage group. This is the same group that has exploited zero-day vulnerabilities in Ivanti Connect Secure appliances back in January 2024 and throughout the year. The latest attacks,…

New zero-day exploit targets Ivanti VPN product

A year after a series of vulnerabilities impacting a pair of Ivanti VPN products prompted an emergency directive from the Cybersecurity and Infrastructure Security Agency to federal agencies, the Utah-based software firm is again experiencing issues with one of its signature systems. The company on Wednesday disclosed two vulnerabilities — CVE-2025-0282 and CVE-2025-0283 — that…

Microsoft moves to disrupt hacking-as-a-service scheme that’s  bypassing AI safety measures

Microsoft is petitioning a Virginia court to seize software and shut down internet infrastructure that they allege is being used by a group of foreign cybercriminals to bypass safety guidelines for generative AI systems. In a filing with the Eastern District Court of Virginia, Microsoft brought a lawsuit against ten individuals for using stolen credentials…

The biggest data breach fines, penalties, and settlements so far

Sizable fines assessed for data breaches in recent years suggest that regulators are getting more serious about cracking down on organizations that don’t properly protect consumer data. Hit with a $ 1.3 billion fine for unlawfully transferring personal data from the European Union to the US, Meta tops the list of recent big-ticket sanctions, with…

A Day in the Life of a Prolific Voice Phishing Crew

Besieged by scammers seeking to phish user accounts over the telephone, Apple and Google frequently caution that they will never reach out unbidden to users this way. However, new details about the internal operations of a prolific voice phishing gang show the group routinely abuses legitimate services at Apple and Google to force a variety…

Managed Patch Management: An Opportunity for MSPs

There are various methods to protect against unauthorized access to your company’s networks, and patch management is a simple way to address security vulnerabilities or bugs in the system. Maintaining network security through updates and patches can improve your customers’ experience with their technology, and ensure your services remain valuable to the businesses that you…

WordPress Appliance - Powered by TurnKey Linux