New Python-Based “Legion” Hacking Tool Emerges on Telegram
An emerging Python-based credential harvester and a hacking tool named Legion are being marketed via Telegram as a way for…
2023
Fortinet fixed a critical vulnerability in its Data Analytics product
Fortinet addressed a critical vulnerability that can lead to remote, unauthenticated access to Redis and MongoDB instances. Fortinet has addressed…
Data Breaches and Cyber Attacks Quarterly Review: Q1 2023
Welcome to our first quarterly review of security incidents for 2023, in which we take a closer look at the…
Dissecting threat intelligence lifecycle problems
In my last CSO article, I looked at a few challenges related to enterprise threat intelligence programs. Security pros pointed…
4 strategies to help reduce the risk of DNS tunneling
Domain name system (DNS) tunneling is a pervasive threat that enables hackers to get any data in and out of…
Lazarus Hacker Group Evolves Tactics, Tools, and Targets in DeathNote Campaign
The North Korean threat actor known as the Lazarus Group has been observed shifting its focus and rapidly evolving its…
You Use These Tech Acronyms Every Day, But Do You Know What They Mean?
In the second half of the 20th century, computers went from chunky business calculators to a part of nearly every…
Why Shadow APIs are More Dangerous than You Think
Shadow APIs are a growing risk for organizations of all sizes as they can mask malicious behavior and induce substantial…
Pakistan-based Transparent Tribe Hackers Targeting Indian Educational Institutions
The Transparent Tribe threat actor has been linked to a set of weaponized Microsoft Office documents in attacks targeting the…
China’s Great Firewall Comes for Generative AI, and Experts Are Worried
China’s top digital regulator proposed bold new guidelines this week that prohibit ChatGPT-style large language models from spitting out content…