Articles about cybersecurity

AI is revolutionizing how software gets built, making the process faster, smarter, and more autonomous. But it also introduces more risk than we’ve ever seen and challenges application security, which wasn’t designed for AI-driven development processes.

In response to this Legit Security is launching Legit MCP (Model Context Protocol) Server. This new offering brings application security posture management (ASPM) to AI-led development, making vulnerability management simpler.

Continue reading →

Chaos RAT is back and causing trouble on Linux and Windows systems. This open source remote access tool was once pitched as a legitimate way to manage computers remotely. Now, it is being used to spy on users, steal data, and possibly set the stage for ransomware. But in an ironic twist, attackers are now turning the tables and exploiting Chaos RAT itself.

Originally written in Go and designed for cross platform compatibility, Chaos RAT has evolved from a basic tool into a very dangerous piece of malware. It has been spotted in real world attacks including a recent sample disguised as a Linux network utility. Victims were likely tricked into downloading a fake troubleshooting tool containing the malware.

Continue reading →

New research from Bitdefender shows that 84 percent of high severity attacks are using Living off the Land (LOTL) techniques, exploiting legitimate tools used by administrators.

One of the findings is that the netsh.exe tool -- used for network configuration -- management is the most frequently abused tool, appearing in a third of major attacks. While checking firewall configurations is a logical initial step for attackers, this clearly demonstrates how data analysis can spotlight trends that human operators might instinctively disregard.

Continue reading →

A new report from Abnormal AI shows that employees in large enterprises engage with malicious vendor messages 72 percent of the time.

Drawing on behavioral data from over 1,400 organizations worldwide, the report reveals the extent to which employees are actively engaging with advanced text-based threats like vendor email compromise (VEC) and explores the blind spots attackers are exploiting with highly targeted, socially engineered attacks.

Continue reading →

In cybersecurity, every second counts. But when the same hacking group goes by half a dozen different names depending on which company you ask, defenders are left wasting time instead of stopping attacks. Now, Microsoft and CrowdStrike are teaming up to clean up the mess they helped create.

The two companies just announced a joint effort to map their threat actor naming systems to each other. Basically, it’s a cheat sheet for decoding the confusing and conflicting names used across the industry. Midnight Blizzard? That’s Microsoft’s name for what CrowdStrike calls Cozy Bear. Others call it APT29 or UNC2452.

Continue reading →

New research from Barracuda Networks finds 65 percent of IT and security professionals say their organizations are juggling too many security tools.

What's more, over half (53 percent) of respondents also say their security tools cannot be integrated -- creating fragmented environments that are difficult to manage and secure.

Continue reading →

New research reveals a surge in interest in data sovereignty among UK IT leaders since the implementation of the United States government's historic raft of tariffs in April.

The study from Civo, of over 1,000 UK-based IT leaders, shows more than 60 percent now feel that the UK government’s use of US cloud services exposes the country's digital economy to significant risks, damages its domestic industry, and threatens data security.

Continue reading →

In an age where every click, swipe, and search can be tracked, stored and analyzed, data privacy is no longer a luxury but a necessity. From social media profiles to medical records and financial transactions, personal information is constantly collected and processed, often without understanding or consent.

Recognizing data privacy as a fundamental human right isn't just a legal or technical issue, but vital for individual dignity, autonomy, and freedom of expression.

Continue reading →

Scammers are already using AI-powered automation to manipulate marketing channels. We don't want to hand out a playbook for bad actors, but it's important to recognize the growing number of scams that have been enhanced by AI and automation tools. Most scams are still about money, either directly or by collecting personal data that can be used to access financial information. If there is no money, there is typically little motive.

In a space like eCommerce, for example, we've seen scammers clone legitimate websites to trick customers into handing over their payment information. These spoof sites look identical to the real thing. 

Continue reading →

The technology world is a fast moving one and keeping up with the latest trends can be difficult. Yet it's also essential if you're not to lose competitive edge or get caught out by new risks.

We spoke to Myke Lyons, CISO of data infrastructure company Cribl, to discuss what the priorities for cyber leaders should be and what things are likely to keep them awake at night.

Continue reading →

While the average total compensation for CISOs at large enterprises is $700K, those at $20B+ firms average $1.1M, with top earners exceeding $1.3M. These people are often managing $100M+ security budgets and teams of over 200 staff.

A new report from IANS Research along with Artico Search looks at data from more than 860 CISOs, including 406 at enterprises with $1B+ in annual revenue.

Continue reading →

New research from EasyDMARC reveals that just 7.7 percent of the world's top 1.8 million email domains are fully protected against phishing and spoofing, having implemented the most stringent DMARC policy.

While this configuration, known as 'p=reject', actively blocks malicious emails from reaching inboxes, many businesses have only adopted the passive monitoring setting known as 'p=none', which passively monitors inboxes for threats without intercepting them. This means it doesn't block fraudulent emails or provide full visibility into authentication failures.

Continue reading →

New research finds that 32 percent of security professionals think they can deliver zero-vulnerability software despite rising threats and compliance regulations. 68 percent are more realistic, noting they feel uncertain about achieving this near-impossible outcome.

The study from Lineaje, carried out among RSA attendees, also shows that while software bill of material (SBOM) regulations and guidelines continue to increase, organizations vary in their level of adoption.

Continue reading →

Not all browser extensions are created equal, and just because one is available in a high-profile store doesn't mean it's safe. Stores may do simple verifications to check for obvious red flags, but it's not part of their workflow to investigate deeper indicators of suspicious or malicious behavior.

ExtensionPedia, a new database developed by LayerX, changes that by providing individuals and businesses with detailed risk analyses on over 200,000 extensions to distinguish between safe, risky and malicious tools.

Continue reading →

A new report from Orchid Security shows nearly half of enterprise applications violate basic credential-handling guidance, with 44 percent undermining centralized identity provider (IdP) policies and 40 percent falling short of widely accepted identity-control standards.

Orchid analyzed authentication flows and authorization practices embedded deep within enterprise applications and finds clear-text credentials in nearly half. These are normally associated with alternative access flows, often for non-human accounts, but they also present an easy target for threat actors seeking entry or lateral movement.

Continue reading →