Infosecurity News
SugarGh0st RAT Variant Used in Targeted AI Industry Attacks
Proofpoint said the attackers modified registry key names for persistence
SecurityWeek
Palo Alto Networks Teams Up With IBM, Acquires QRadar SaaS Assets
Palo Alto Networks and IBM have announced a significant partnership to jointly provide cybersecurity solutions.
Trend Micro
Tracking the Progression of Earth Hundun's Cyberespionage Campaign in 2024
This report describes how Waterbear and Deuterbear — two of the tools in Earth Hundun's arsenal — operate, based on a campaign from 2024.
.webp)
Cyber Security News
Turla APT Group Attacking European Ministry of Foreign Affairs
The well-known advanced persistent threat (APT) group Turla, which is based in Russia, is said to be going after the European Ministry.
Infosecurity News
NIST Confusion Continues as Cyber Pros Complain CVE Uploads Stopped
Several software security experts have told Infosecurity that no new vulnerabilities have been added to the US NVD since May 9
CyberSecurity Dive
Cyber pros weigh an intel-sharing quandary: What to share when attacks hit close to home
The detail and speed with which companies share information after an attack can prevent future pain. But businesses aren’t always keen on transparency.
The Hacker News
Black Basta Ransomware Strikes 500+ Entities Across North America, Europe, and Australia
Black Basta ransomware-as-a-service (RaaS) operation has targeted over 500 private industry and critical infrastructure entities in North America, Eur
CyberSecurity Dive
Congress wants to question Microsoft exec over security defects
The committee wants to question Brad Smith, Microsoft’s president and vice chair, over the company’s security shortcomings and how it plans to strengthen security measures.
CyberNews
AI abused to clone voices, FBI warns
The San Francisco division of the FBI is warning individuals and organizations to be aware of AI used by cybercriminals.
Krebs on Security
How Did Authorities Identify the Alleged Lockbit Boss?
Last week, the United States joined the U.K. and Australia in sanctioning and charging a Russian man named Dmitry Yuryevich Khoroshev as the leader of the infamous LockBit ransomware group. LockBit's leader "LockBitSupp" claims the feds named the wrong guy,…
DarkReading
Is CISA's Secure by Design Pledge Toothless?
CISA's agreement is voluntary and, frankly, basic. Signatories say that's a good thing.
DarkReading
Cybersecurity Races to Unmask New Wave of AI Deepfakes
Kevin Mandia, CEO of Mandiant at Google Cloud, calls for watermarks as the industry braces for a barrage of mind-bending AI-generated fake audio and video.
Infosecurity News
#RSAC: Experts Highlight Novel Cyber Threats and Tactics
Well-funded cybercriminals are adopting more sophisticated techniques, creating a need for defenders to stay informed about the evolving threat landscape
SecurityWeek
RSA Conference 2024 – Announcements Summary (Day 4)
Hundreds of companies are showcasing their products and services this week at the 2024 edition of the RSA Conference in San Francisco.
CyberSecurity Dive
Officials see a real change in Microsoft’s security plans: financial accountability
CISA Director Jen Easterly pointed to Microsoft’s decision to link security to executive compensation as a meaningful signal of its priorities.
DarkReading
CISA Sells Private Sector on CIRCIA Reporting Rules
New regulations require companies to turn over incident data to CISA within 3 days or face enforcement. Here's how the agency spins this as a good thing.
The Record
As White House preps new cyber rules for healthcare, Neuberger says backlash is unwarranted
The current cybersecurity situation in the healthcare industry is at least a decade in the making, White House official Anne Neuberger said at the RSA Conference.
The Record
Okta’s security chief on the company’s own cyberattack and how the ‘battleground’ has shifted
Okta Chief Security Officer David Bradbury discusses lessons from the incident, how nation-state threats are evolving, and how AI is already influencing identity-based attacks.
DarkReading
Aggressive Cloud-Security Player Wiz Scores $1B in Funding Round
The latest round of investment prices the fast-growing cloud native application protection platform (CNAPP) at $12 billion with a simple mandate: Grow quickly through acquisition.
Infosecurity News
Why Cybersecurity Professionals Have a Duty to Secure AI
Experts at the RSA Conference urged cyber professionals to lead the way in securing AI systems today and pave the way for AI to solve huge societal challenges
Infosecurity News
RSAC: How CISOs Should Protect Themselves Against Indictments
Experts at the RSA Conference discussed what CISOs can do to protect themselves against legal pressure
SecurityWeek
Criminal Use of AI Growing, But Lags Behind Defenders
Despite the current lack of large-scale criminal exploitation of gen-AI, researchers highlight indications that this may change.
CyberSecurity Dive
68 tech, security vendors commit to secure-by-design practices
CISA said companies ranging from Microsoft to Palo Alto Networks signed the voluntary pledge in an effort to boost resiliency and increase transparency around CVEs and cyberattacks.
CyberSecurity Dive
CISA explains why it doesn’t call out tech vendors by name
Federal officials rarely criticize tech companies when their mistakes result in attacks. The stinging conclusions CSRB levied at Microsoft are an exception, not the norm.
SecurityWeek
RSA Conference 2024 – Announcements Summary (Day 3)
Hundreds of companies are showcasing their products and services this week at the 2024 edition of the RSA Conference in San Francisco.
The Cyber Express
Google Brings Gemini AI to Cybersecurity
Google has brought together its Gemini AI model with its Mandiant cybersecurity unit and VirusTotal threat Intelligence to enhance threat
SC Magazine
RSAC 2024: Top cyber insurance trends, traps and advice
A panel of experts unpack the art of cyber insurance here at RSA Conference and share what's new in coverage and claims.
The Record
With nation-state threats in mind, nearly 70 software firms agree to Secure by Design pledge
CISA Director Jen Easterly said the voluntary pledge by software companies is important because of widespread nation-state hacking campaigns, including the Volt Typhoon operation attributed to China.
The Record
Federal agencies assisting Catholic health network amid cyberattack
Deputy National Security Advisor Anne Neuberger said the incident is an example of the need for more to be done to protect critical infrastructure.
The Record
Cyberthreat landscape permanently altered by Chinese operations, US officials say
The wide-ranging hacking campaign by the state-backed group Volt Typhoon is seen as a prelude of what's to come.
The Record
In interview, LockBItSupp says authorities outed the wrong guy
LockBitSupp, head of the LockBit cybercrime operation, tells the Click Here podcast team that he is not Russian national Dmitry Khoroshev, as claimed by the U.S., U.K. and Australia.
Infosecurity News
Three Strategies to Boost Open-Source Security
Experts at the RSA Conference discussed how governments, the open-source community and end users can work together to drastically improve the security of open-source software
Infosecurity News
#RSAC: CISA Launches Vulnrichment Program to Address NVD Challenges
CISA launched a new software vulnerability enrichment program to fill the gap left by NIST’s National Vulnerability Database backlog
Infosecurity News
#RSAC: Researchers Share Lessons from the World's First AI Security In
Researchers from Carnegie Mellon University have shared an overview of their new AI Security Incident Response Team (AISIRT)
SecurityWeek
Healthcare Cybersecurity Firm Blackwell Raises $13 Million
Healthcare cybersecurity company Blackwell Security has raised $13 million and appointed Geyer Jones as its first CEO.
CyberSecurity Dive
The US really wants to improve critical infrastructure cyber resilience
A report from the Office of the National Cyber Director highlights persistent threats targeting healthcare and water, echoing warnings from cyber officials earlier this year.
SecurityWeek
RSA Conference 2024 – Announcements Summary (Day 2)
Hundreds of companies are showcasing their products and services this week at the 2024 edition of the RSA Conference in San Francisco.
CSO
US doing all it can to manage global cybersecurity threats, secretary of state tells RSAC
The US government is moving to address the challenges of quantum computing, cloud strategies, and generative AI, Anthony Blinken said in a speech that was light on specifics.
The Record
CISA wants ‘high-quality feedback’ for another month on CIRCIA rule
Industry asked for an extension of the comment period for a key rule on cybersecurity incident reporting, and "in the interest of supporting the community out there, we decided to give them an extra 30 days,” said Brandon Wales, CISA’s executive director, at the 2024 RSA Conference.
The Record
Former NSA head Paul Nakasone to helm national security institute at Vanderbilt
The former U.S. Cyber Command and National Security Agency chief will be the founding director of a national security-focused hub at the Nashville-based campus.
The Record
Cyber director sees potential for a new era in White House office
The Office of the National Cyber Director has had four different leaders in less than a year. The current chief, Harry Coker, says it can move past that turmoil by sticking to its marching orders.
SC Magazine
RSAC 2024: Securing ‘fragmented’ identities in the cloud age
Zero trust, access certification campaigns and regular AD risk assessments are more critical than ever.
SC Magazine
RSAC 2024: CISA, DHS grapple with cyber risks in the age of AI
AI and “secure by design” will be crucial to defend against ransomware, CI attacks and AI threats in the coming years.
The Record
Any number given of Volt Typhoon victims ‘likely an underestimate,’ CISA says
The campaign by Chinese hackers to target U.S. critical infrastructure is intended to “cause disruption and sow societal panic,” a senior cybersecurity official said Tuesday.
Infosecurity News
Decoding US Government Plans to Shift the Software Security Burden
US government officials discussed plans on how to incentivize security by design principles in the software manufacturing process during RSA
DarkReading
Does CISA's KEV Catalog Speed Up Remediation?
Vulnerabilities added to the CISA known exploited vulnerability (KEV) list do indeed get patched faster, but not fast enough.
DarkReading
What's the Future Path for CISOs?
A panel of former CISOs will lead the closing session of this week's RSA Conference to discuss challenges and opportunities.
Infosecurity News
Log4J Still Among Top Exploited Vulnerabilities, Cato Finds
A new report by Cato Networks found that exploiting old vulnerabilities in unpatched systems is one of threat actors’ favorite initial access vectors
Infosecurity News
Three Battle-Tested Tips for Surviving a Cyber-Attack
CISOs share their experience of managing real-life cyber incidents provide their recommendations to survive cyber-attacks
The Cyber Express
Global Infosec Awards 2024: Cyble Wins Nine Accolades, Recognized Among the Best in Cybersecurity
Cyber Defense Magazine (CDM), marking its 12th anniversary as the leading electronic information security magazine, announced the winners of the
DarkReading
Blinken: Digital Solidarity Is 'North Star' for US Policy
The four goals of the US International Cyberspace and Digital Policy Strategy are to advance economic prosperity; enhance security and combat cybercrime; promote human rights, democracy, and the rule of law; and address other transnational challenges.
The Cyber Express
U.S. Unveiled International Cyberspace and Digital Policy Strategy at RSAC 2024
The U.S. Secretary of State Antony Blinken unveiled an International Cyberspace and Digital Policy Strategy on Monday, outlining the Biden
SecurityWeek
RSA Conference 2024 – Announcements Summary (Day 1)
Hundreds of companies are showcasing their products and services this week at the 2024 edition of the RSA Conference in San Francisco.
CyberSecurity Dive
China-linked attackers are successfully targeting network security devices, worrying officials
Espionage groups linked to China are heavily exploiting zero days, focusing on devices that lack endpoint detection and response capabilities, one expert said.
The Cyber Express
Top 5 Cybersecurity Companies Making Waves at RSAC 2024
The RSA Conference 2024, the world's biggest cybersecurity event, is currently underway at the Moscone Center in San Francisco. Over
Infosecurity News
Securing Foundational Tech Critical to Upholding Democratic Values
US Secretary of State Antony Blinken said that the US and its allies must ensure foundational technologies are used for the betterment of society
CSO
Google launches Google Threat Intelligence at RSA Conference
The new addition to Google Cloud Security is designed to give security teams information to inform approaches to protecting against external threats, managing attack surfaces, and mitigating digital risks.
The Record
RSA Conference 2024 [Live Updates]
Recorded Future News will be providing live coverage from the 2024 RSA Conference in San Francisco.
The Record
Mayorkas: Implementation of AI can’t lead to 'a perpetuation of implicit bias'
The secretary of Homeland Security told an RSA Conference crowd that he was encouraged by the discussion in the first meeting of the department's AI advisory board.
The Record
Volt Typhoon operation came up 'directly' in U.S.-China talks, ambassador says
Nathaniel Fick, the State Department’s ambassador-at-large for cyberspace and digital policy, told reporters at the RSA Conference that U.S. and Chinese officials "did speak about Volt Typhoon directly" during a recent meeting.
The Record
Scattered Spider group a unique challenge for cyber cops, FBI leader says
“It's very difficult to dismantle large organizations like this," said Brett Leatherman, deputy assistant director of the FBI’s cyber division.
The Record
Warner: Lawmakers 'in process' of finding Section 702 fix
"We're working on it," says the Senate Intelligence Committee chairman about the recently renewed law's handling of “electronic communications service providers” — a sticking point for privacy advocates.
SC Magazine
RSAC 2024: Outfoxing SSO: Bypassing modern authentication
Identity security firm Silverfort shows how an adversary could bypass FIDO2 protections and SSO to hijack a session token for abuse.
SC Magazine
RSAC 2024: AI adds new dimension to virus detection
Large language models (LLM) provide context that could expose overlooked threats.
Infosecurity News
#RSAC: Threat Actors Weaponizing Hacktivism for Financial Gain
Recorded Future’s Alexander Leslie highlights the increasingly blurred lines between hacktivism, financial cybercrime and nation-state activities during the RSA Conference 2024
DarkReading
LLMs & Malicious Code Injections: 'We Have to Assume It's Coming'
Large language models promise to enhance secure software development life cycles, but there are unintended risks as well, CISO warns at RSAC.
Infosecurity News
Law Enforcement Takedowns Force Ransomware Affiliates to Diversify
A new Chainalysis report showed that recent law enforcement operations have pushed ransomware affiliates to increasingly use multiple strains in order to stay afloat
SecurityWeek
Google Debuts New Security Products, Hyping AI and Mandiant Expertise
Google rolls out new threat-intel and security operations products and looks to the magic of AI to tap into the booming cybersecurity market.
The Cyber Express
RSA Conference 2024: What to Expect from the World’s Largest Cybersecurity Event
The RSA conference 2024 , the world's largest cybersecurity gathering, commenced in San Francisco from May 6 to 9, 2024.
The Cyber Express
Cyble Showcases Next-Gen Cybersecurity Technologies at RSA Conference 2024
San Francisco, May 6, 2024 — Cyble, the leading provider of AI-driven cybersecurity solutions, is excited to announce its participation
SC Magazine
RSA Conference 2024: What to expect
RSA Conference will tackle everything AI, but will also go deep on government policy, innovative new security solutions and explore "The Art of Possible."
The Record
Blinken unveils State Dept. strategy for ‘vibrant, open and secure technological future’
U.S. Secretary of State Antony Blinken told the audience at the 2024 RSA Conference in San Francisco about the Biden administration's broad plan to build “digital solidarity” with allies and partners.
SC Magazine
RSAC 2024: Google on the promise of large language models and cybersecurity
Taking a sober look at where and how offensive and defensive GenAI is being used to keep security professionals on their toes.
SC Magazine
RSAC 2024: How to use AI without getting in trouble
For more real-time RSAC coverage from SC Media please visit here.
SC Magazine
RSAC 2024: US Secretary of State Blinken advocates solidarity, not sovereignty, for cyber
By promoting a vision of cooperation and innovation, the U.S. can best navigate the complexities of AI and quantum computing and safeguard domestic private and public interests, Blinken said.
DarkReading
Software Security: Too Little Vendor Accountability, Experts Say
Actual legislation is a long shot and a decade away, but policy experts are looking to jump-start the conversation around greater legal liability for insecure software products.
SecurityWeek
Building the Right Vendor Ecosystem – a Guide to Making the Most of RSA Conference
With so many vendors, approaches and solutions, how do you know what cybersecurity solutions you should be investing in?
SecurityWeek
Startup Dealflow: New Investments at Resonance, RunReveal, StepSecurity, Insane Cyber
Cybersecurity startups Insane Cyber, Resonance Security, RunReveal and StepSecurity announce pre-seed, early-stage, and seed funding rounds.
DarkReading
Tech Tip: Why Haven't You Set Up DMARC Yet?
DMARC adoption is more important than ever following Google's and Yahoo's latest mandates for large email senders. This Tech Tip outlines what needs to be done to enable DMARC on your domain.
The Hacker News
New Cuttlefish Malware Hijacks Router Connections, Sniffs for Cloud Credentials
Attention SOHO router users! A new malware called Cuttlefish is on the prowl, stealthily monitoring your traffic and stealing authentication data.
DarkReading
Shadow APIs: An Overlooked Cyber-Risk for Orgs
Unmanaged and unknown Web services endpoints are just some of the challenges organizations must address to improve API security.
CSO
Most interesting products to see at RSAC 2024
Tools, platforms, and services that the CSO team recommends 2024 RSA Conference attendees check out.
The Hacker News
ZLoader Malware Evolves with Anti-Analysis Trick from Zeus Banking Trojan
ZLoader modular malware trojan has resurfaced with anti-analysis feature that prevents execution on machines different from the original infection.
SecurityWeek
Beyond the Buzz: Rethinking Alcohol as a Cybersecurity Bonding Ritual
Jennifer Leggio says we need more alcohol-free networking events at conferences, and community-building opportunities for sober individuals.
DarkReading
CISO Corner: Evil SBOMs; Zero-Trust Pioneer Slams Cloud Security
Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also included: security license mandates; a move to four-day remediation requirements; lessons on OWASP for LLMs.
DarkReading
Cyberattack Gold: SBOMs Offer an Easy Census of Vulnerable Software
Attackers will likely use software bills-of-material (SBOMs) for searching for software potentially vulnerable to specific software flaws.
Cyber Security News
Russian Hackers Launched Sabotage Attacks On 20 Critical Infrastructure
Researchers identified a cyberattack by the Sandworm group targeting critical infrastructure in Ukraine in March 2024, which aimed to disrupt
Bleeping Computer
Russian Sandworm hackers targeted 20 critical orgs in Ukraine
Russian hacker group Sandworm aimed to disrupt operations at around 20 critical infrastructure facilities in Ukraine, according to a report from the Ukrainian Computer Emergency Response Team (CERT-UA).
CyberNews
Wave of ransomware on the cheap: junk guns still okay for small targets
Researchers observe a flood of crude and amateurish ransomware. But it’s cheap, difficult to trace, and comes in many flavors.
Security Affairs
Akira ransomware received $42M in ransom payments from over 250 victims
Government agencies revealed that Akira ransomware has breached over 250 entities worldwide and received over $42 million in ransom payments.
DarkReading
CISO Corner: Breaking Staff Burnout, GPT-4 Exploits, Rebalancing NIST
SecOps highlights this week include the executive role in "cyber readiness;" Cisco's Hypershield promise; and Middle East cyber ops heat up.
The Cyber Express
Akira Ransomware Group Amasses $42 Million from Over 250 Global Attacks, FBI Warns
The Akira ransomware group has been identified as the culprit behind a series of cyberattacks targeting businesses and critical infrastructure
The Hacker News
Akira Ransomware Gang Extorts $42 Million; Now Targets Linux Servers
Akira Ransomware group has already extorted roughly $42 million from over 250 victims globally. They are now targeting both Windows and Linux systems.
Infosecurity News
Quishing Attacks Jump Tenfold, Attachment Payloads Halve
The figures come from Egress’s latest report, which also suggests secure email gateways lag behind tech advancements
DarkReading
Cisco Duo's Multifactor Authentication Service Breached
A third-party telephony service provider for Cisco Duo falls prey to social engineering, and the company advises customer vigilance against subsequent phishing attacks.
SecurityWeek
Knostic Emerges From Stealth With Enterprise Gen-AI Access Controls
Startup Knostic emerges from stealth mode with $3.3 million in funding and a gen-AI access control product for enterprises.
Trend Micro
Cyberespionage Group Earth Hundun's Continuous Refinement of Waterbear and Deuterbear
Our blog entry provides an in-depth analysis of Earth Hundun's Waterbear and Deuterbear malware.
Infosecurity News
Rhadamanthys Malware Deployed By TA547 Against German Targets
Proofpoint said this is the first time the threat actor has been seen using LLM-generated PowerShell scripts
Ars Technica
Microsoft blamed for “a cascade of security failures” in Exchange breach report
Summer 2023 intrusion pinned to corporate culture, "avoidable errors."
Cyber Security News
Aembit Selected as Finalist for RSA Conference 2024 Innovation Sandbox Contest
The Leading Company for Securing Access Between Workloads Recognized for the Aembit Workload IAM Platform Aembit, the Workload Identity and Access Management (IAM) Company, has been named one of the Top 10 Finalists for the RSA Conference™ 2024 Innovation Sandbox contest for its platform that manages and secures access between critical software resources, like applications […]
Loading more articles....