SecurityWeek
RSA Conference 2024 – Announcements Summary (Day 1)
Hundreds of companies are showcasing their products and services this week at the 2024 edition of the RSA Conference in San Francisco.
Cyber Security News
Top 8 SSPM Tools to Secure Your SaaS Stack in 2024
The explosion of cloud-based applications, or SaaS (Software-as-a-Service), has transformed the way businesses operate.
SC Magazine
Ten years of Heartbleed: Lessons learned
A look back at the Heartbleed bug and measuring its’ legacy, impact and how some view one of cybersecurity’s biggest headaches as an important learning moment.
Infosecurity News
Infostealers Prevalent in Retail Sector Cybercrime Trends
The findings from Netskope also show a shift in the retail sector’s use of cloud applications
The Hacker News
Hackers Using Sneaky HTML Smuggling to Deliver Malware via Fake Google Sites
Researchers uncover a sophisticated malware campaign using fake Google Sites pages and HTML smuggling to distribute AZORult, a notorious info stealer.
SC Magazine
Fake Google Docs on Google Sites launch AZORult infostealer campaign
Azorult infostealer aims to steal user credentials and credit card information via HTML smuggling.
SecurityWeek
Cyber Insights 2024: Supply Chain
Supply chain security: A successful attack against a supplier can lead to multiple opportunities against the supplier’s downstream customers
DarkReading
CISO Corner: CIO Convergence, 10 Critical Security Metrics, & Ivanti Fallout
Also in this issue: Mideast investment, new FCC breach notification rules, and how Dark Reading readers use GenAI tools in their cybersecurity apparatus.
.webp)
Cyber Security News
10 Best Secure Network As a Service for MSP Providers - 2024
Secure Network As a Service for MSP: 1. Perimeter 81 2. Cloudflare 3. Netskope 4. VMware 5. Palo Alto Networks 6. Aarna Networks.
Cyber Security News
Top 10 Security Service Edge (SSE) Solutions for Network Security - 2024
Best Security Service Edge (SSE) Solutions: 1. Perimeter 81 2. wingate 3. Cisco Umbrella 4. Forcepoint 5. Skyhigh Security 6. Netskope.
%20-%20APT%20Hackers%20Abusing%20GitHub%20To%20Deliver%20Malware%20Payload.webp)
Cyber Security News
Living-off-Trusted-Sites (LOTS) - APT Hackers Abusing GitHub To Deliver Malware Payload
Cybersecurity researchers at Recorded Future recently discovered that APT hackers are actively exploiting the GitHub platform.
CyberSecurity Dive
Cyber funding and M&A drop in 2023
Venture capitalists shifted strategies throughout 2023 as they tightened investment levels to minimize potential losses, Pinpoint Search Group found.
Infosecurity News
Cybersecurity Deals Boom as Investment Dips, Pinpoint Reports
2023 saw an increased number of deals in the cybersecurity industry, but the overall investment in the sector dropped, Pinpoint revealed
SecurityWeek
Cybersecurity Funding Dropped 40% in 2023: Analysis
The volume of cybersecurity transactions increased in 2023 compared to 2022, but the total amount of funding decreased significantly.
The Hacker News
Decoy Microsoft Word Documents Used to Deliver Nim-Based Malware
A new phishing campaign is using Microsoft Word docs as bait to deliver Nim-based malware.
The Cyber Express
Head in the Clouds: Top 10 Cloud Security Companies to Watch in 2024
The significance of cloud security has risen dramatically in the past few years. As businesses move towards digitalization, safeguarding applications
Infosecurity News
EU Reaches Agreement on AI Act Amid Three-Day Negotiations
The landmark bill will regulate the use of generative AI models like ChatGPT and AI systems used by governments and law enforcement
Cyber Security News
Best Network Security Vendors for SaaS - 2024
Best Network Security Vendors for SaaS : 1. Perimeter 81 2. Palo Alto Networks 3. Fortinet 4. Symantec 5. Check Point 6. McAfee 7. Okta.
Cyber Security News
11 Best Cloud Access Security Broker Software (CASB) - 2023
Best Cloud Access Security Broker (CASB) Software: 1. DoControl CASB 2. Microsoft Cloud App Security 3. Forcepoint 4. Palo Alto Networks.
SecurityWeek
Cybersecurity M&A Roundup: 28 Deals Announced in September 2023
Twenty-eight cybersecurity-related merger and acquisition (M&A) deals were announced in September 2023, fewer than last month
SecurityWeek
SASE Firm Cato Networks Raises $238 Million at $3 Billion Valuation
SASE company Cato Networks has raised $238 million in equity investment, bringing total funding to $773 million.
SecurityWeek
Cybersecurity M&A Roundup for First Half of September 2023
A dozen cybersecurity-related merger and acquisition M&A deals were announced in the first half of September 2023.
The Hacker News
NodeStealer Malware Now Targets Facebook Business Accounts on Multiple Browsers
⚠️ Attention Facebook Business Users: Python-based NodeStealer malware has returned. It now targets multiple web browsers to hack accounts.
Computerworld
GenAI in productivity apps: What could possibly go wrong?
In addition to controlling the use of ChatGPT and other standalone tools, companies now have to grapple with generative AI being built into the productivity apps their employees use every day.
.webp)
Cyber Security News
Threat and Vulnerability Roundup for the week of August 13th to 19th
Welcome to Cyber Writes' weekly Threat and Vulnerability Roundup, where we provide the most recent information on cybersecurity news. Take advantage of our extensive coverage and keep yourself updated.
Cyber Security News
New Phishing Attack Exploits Cloudflare R2 Hosting Service to Steal Cloud Passwords
Threat actors behind these phishing campaigns exploit Cloudflare R2's free hosting service. While apart from this, with the help of two exceptional techniques, the operators evade the scanners and URL analyzers.
The Hacker News
Cybercriminals Abusing Cloudflare R2 for Hosting Phishing Pages, Experts Warn
The use of Cloudflare R2 for hosting phishing pages has surged by 61x in just six months.
Cyber Security News
Best SASE (Secure Access Service Edge) Solutions - 2023
Best SASE Solutions & Vendors (Secure Access Service Edge): 1. Perimeter81 2. Cisco Umbrella 3. Zscaler 4. Palo Alto 5. Prisma Access.
Infosecurity News
Malicious Actors Exploit GitHub to Distribute Fake Exploits
The perpetrators went to great lengths to make their profiles appear genuine
Infosecurity News
Breach containment, response, recovery and resilience key to discussions
exhibitors at Infosecurity Europe are lining up to provide insight and advice to focus on response
Cyber Security News
What is Secure Access Service Edge (SASE) - A Managerial Guide For Network Security
Secure Access Service Edge (SASE) is a cloud-based security service that uses encryption to protect your data and your confidential.
CyberSecurity Dive
Cyber venture capital funding slows to a trickle, a sharp decline from 2022 investment
Funding declined 58% year-over-year in Q1, though this quarter marked a slight increase from Q4 2022.
Trend Micro
2022 Review: Trend Transforms to SaaS Cybersecurity
Transformation to a SaaS-based cybersecurity vendor
SecurityWeek
SASE Company Netskope Raises $401 Million
Netskope has raised $401 million in an oversubscribed investment round led by Morgan Stanley Tactical Value.
SecurityWeek
Over 50 New CVE Numbering Authorities Announced in 2022
More than 50 organizations have been added as a CVE Numbering Authority (CNA) in 2022, bringing the total to 260.
SecurityWeek
Companies Announced Billions in US Government Cybersecurity Contracts in 2022
Companies have announced securing billions of dollars in cybersecurity-related contracts with the US government in 2022.
CSO
Meta’s new kill chain model tackles online threats
Meta researchers say their Online Operations Kill Chain framework offers a common taxonomy to understand the threat landscape and spot vulnerabilities.
SecurityWeek
Cybersecurity M&A Roundup: 41 Deals Announced in August 2022
Forty-one cybersecurity-related M&A deals were announced in August 2022.
CyberSecurity Dive
SaaS sprawl amps up security challenges amid heightened risk
Two-thirds of businesses say they're spending more on SaaS applications year over year, Axonius data shows.
SecurityWeek
Cybersecurity M&A Roundup for August 1-15, 2022
Twenty-three cybersecurity-related M&A deals were announced in the first half of August 2022.
Bleeping Computer
Phishing attack abuses Microsoft Azure, Google Sites to steal crypto
A new large-scale phishing campaign targeting Coinbase, MetaMask, Kraken, and Gemini users is abusing Google Sites and Microsoft Azure Web App to create fraudulent sites.
DarkReading
In a Post-Macro World, Container Files Emerge as Malware-Delivery Replacement
With Microsoft disabling Office macros by default, threat actors are increasingly using ISO, RAR, LNK, and similar files to deliver malware because they can get around Windows protections.
SecurityWeek
Google Announces New Chrome and Chrome OS Security Features for Enterprises
Google has announced some new Chrome and Chrome OS features that should help enterprises improve security.
Bleeping Computer
Fake Binance NFT Mystery Box bots steal victim's crypto wallets
A new RedLine malware distribution campaign promotes fake Binance NFT mystery box bots on YouTube to lure people into infecting themselves with the information-stealing malware from GitHub repositories.
CyberSecurity Dive
Emotet reemerges as top malware in circulation
The botnet’s activity surged 2,823% between Q4 2021 and Q1 2022, displaying a more recent shift in targets, HP Wolf Security analysts said.
CyberSecurity Dive
SEO-savvy threat actors drive surge in malware downloads
Cybercriminals flooded Google and Bing with malicious PDF files that contain commonly searched keywords, resulting in a 450% annualized increase in phishing downloads.
CyberSecurity Dive
Security professionals are burned out. Here are 5 ways to help them.
Addressing the causes of burnout requires a top-down approach that better aligns security teams with the rest of the business.
Bleeping Computer
Malicious PowerPoint files used to push remote access trojans
Since December 2021, a growing trend in phishing campaigns has emerged that uses malicious PowerPoint documents to distribute various types of malware, including remote access and information-stealing trojans.
Bleeping Computer
OceanLotus hackers turn to web archive files to deploy backdoors
Vietnamese hackers of the APT32 group (Ocean Lotus) are now using Web Archive files (.mht and .mhtml) to deploy backdoors on their targets.