Cyber threat hunting is a proactive search for malicious actors and contents in your system. Threat hunting is a must-have part of the defense strategy which focuses to detect and respond rapidly to unknown, undetected, and unresolved threats. This means that the security team purposely looks for malicious activities that occur at an endpoint or […]

The post What Is Cyber Threat Hunting? Process, Types and Solutions appeared first on Heimdal Security Blog.

A TP-Link Archer A21 (AX1800) consumer-grade WiFi router vulnerability has been used by Mirai botnet to launch DDoS attacks against IoT devices. The flaw in the TP-Link Archer AX21 firmware was discovered back in December 2022, and the company released a patch in March. However, recent attacks show a new variant of the Mirai botnet exploiting the flaw (CVE-2023-1389) to gain […]

The post TP-Link High-Severity Flaw Added to Mirai Botnet Arsenal appeared first on Heimdal Security Blog.

Google advertisements have been exploited to distribute various types of malware over the past few months. To trick unsuspecting users into downloading malware onto their systems, threat actors often used the platform to promote fake websites on legit software and application updates. One such malware family observed during this recent spike is called LOBSHOT. It continues […]

The post New LOBSHOT Malware Deployed Via Google Ads appeared first on Heimdal Security Blog.

Across Southeast Asia, Europe and Africa, a new Linux variant of the PingPull malware used by Chinese APT group Alloy Taurus (Gallium) has been reported as an active threat to telecommunications, finance and government organizations. Alloy Taurus is a Chinese nation-state-affiliated threat actor that focuses on cyberespionage and is best known for targeting major telecommunications […]

The post Chinese APT Alloy Taurus Is Back – Linux Variant of PingPull Malware Is Active appeared first on Heimdal Security Blog.

When building an organization’s cybersecurity posture, there are many decisions that will ultimately lead you to the best result for your specific company. One of these decisions is having an in-house SOC team or choosing a managed SOC solution like SOC-as-a-Service. Included in the Detection and Response area, SOC teams are essential for a business […]

The post What Is SOC-as-a-Service (SOCaaS) and How Could Your Company Benefit? appeared first on Heimdal Security Blog.

EXECUTIVE SUMMARY: What is user provisioning? User provisioning enables management teams to control access to business resources, strengthening data security by limiting unnecessary access and allowing only authorized personnel to log in. User provisioning technology can assist management teams in enabling access, managing accounts and revoking access as needed. It simplifies the process of handling […]

The post Access management made easy, boosting security with user provisioning appeared first on CyberTalk.

IMA Financial Group (IMA) announced on April 19th it had experienced a data breach resulting in confidential consumer data leakage. The insurance and wealth management solutions company filed a notice of the data security incident with the Attorney General of Texas. Additionally, it sent out letters to all the clients whose information was compromised. What […]

The post IMA Financial Group Targeted in Cyberattack. Confidential Consumer Data Spilled appeared first on Heimdal Security Blog.

Alaska Railroad Corporation reported a data breach incident that occurred in December 2022 and they discovered it on March 18th, 2023. According to ARCC, a third party gained unauthorized access to the internal network system. Further on, threat actors accessed and exfiltrated sensitive data of vendors, current and former employees, and their dependents. Alaska Railroad […]

The post 7,413 People Were Impacted by Alaska Railroad Data Breach appeared first on Heimdal Security Blog.

Researchers discovered a new kind of side-channel attack that affects several versions of Intel CPUs and enables data exfiltration. Attackers could leak the data through the EFLAGS register. The discovery was made by researchers at Tsinghua University, the University of Maryland, and a computer lab run by the Chinese Ministry of Education. How Is the […]

The post New Type of Side-Channel Attack Impacts Intel CPUs and Allows Data Leakage appeared first on Heimdal Security Blog.