Category Security

Nov 12, 2024Ravie LakshmananMalware / Application Security Threat actors with ties to the Democratic People’s Republic of Korea (DPRK aka North Korea) have been found embedding malware within Flutter applications, marking the first time this tactic has been adopted by…

North Korean hackers are embedding malware within Flutter applications to target macOS devices, according to a new analysis by Jamf. The security firm said it was the first time it has observed threat actors use the Flutter framework to target…

Behavioral analytics, long associated with threat detection (i.e. UEBA or UBA), is experiencing a renaissance. Once primarily used to identify suspicious activity, it’s now being reimagined as a powerful post-detection technology that enhances incident response processes. By leveraging behavioral insights…

Scammers have leapt at the opportunity to exploit vulnerable UK residents by sending bogus messages telling them they need to take action to receive help with their winter heating bills.  In July, the UK’s new Labour Government announced that it…

Energy services supplier Halliburton has revealed that an August ransomware breach cost the firm $35m, highlighting the major financial impact of cyber-threats. The Dubai-headquartered multinational, which is one of the largest providers of products and services to the energy industry…

Cybersecurity researchers have flagged a new ransomware family called Ymir that was deployed in an attack two days after systems were compromised by a stealer malware called RustyStealer. “Ymir ransomware introduces a unique combination of technical features and tactics that…

A surge in two-step phishing attacks leveraging Microsoft Visio files has been identified by security researchers, marking a sophisticated evolution in phishing tactics. Discovered by Perception Point, the new attacks use Visio’s .vsdx format, a file type commonly employed for…

Nov 11, 2024Ravie LakshmananVulnerability / Risk Mitigation Hewlett Packard Enterprise (HPE) has released security updates to address multiple vulnerabilities impacting Aruba Networking Access Point products, including two critical bugs that could result in unauthenticated command execution. The flaws affect Access…

The past few months have shown that collaborations between experts from the cybersecurity industry and the public sector are efficient at disrupting cybercrime. Drawing on big successes, like the LockBit takedown, Operation ‘Trust No One’ or the LabHost operation, the…

Cyber threats are intensifying, and cybersecurity has become critical to business operations. As security budgets grow, CEOs and boardrooms are demanding concrete evidence that cybersecurity initiatives deliver value beyond regulation compliance. Just like you wouldn’t buy a car without knowing…