Bypassing a Theft Threat Model
Thieves cut through the wall of a coffee shop to get to an Apple store, bypassing the alarms in the…
rooter
New Python-Based “Legion” Hacking Tool Emerges on Telegram
An emerging Python-based credential harvester and a hacking tool named Legion are being marketed via Telegram as a way for…
Fortinet fixed a critical vulnerability in its Data Analytics product
Fortinet addressed a critical vulnerability that can lead to remote, unauthenticated access to Redis and MongoDB instances. Fortinet has addressed…
Data Breaches and Cyber Attacks Quarterly Review: Q1 2023
Welcome to our first quarterly review of security incidents for 2023, in which we take a closer look at the…
4 strategies to help reduce the risk of DNS tunneling
Domain name system (DNS) tunneling is a pervasive threat that enables hackers to get any data in and out of…
Dissecting threat intelligence lifecycle problems
In my last CSO article, I looked at a few challenges related to enterprise threat intelligence programs. Security pros pointed…
Lazarus Hacker Group Evolves Tactics, Tools, and Targets in DeathNote Campaign
The North Korean threat actor known as the Lazarus Group has been observed shifting its focus and rapidly evolving its…
You Use These Tech Acronyms Every Day, But Do You Know What They Mean?
In the second half of the 20th century, computers went from chunky business calculators to a part of nearly every…
Pakistan-based Transparent Tribe Hackers Targeting Indian Educational Institutions
The Transparent Tribe threat actor has been linked to a set of weaponized Microsoft Office documents in attacks targeting the…
Why Shadow APIs are More Dangerous than You Think
Shadow APIs are a growing risk for organizations of all sizes as they can mask malicious behavior and induce substantial…