Infostealers blamed for surge in identity attacks


Advanced phishing kits and info-stealing malware have accounted for a 156 percent jump in cyberattacks targeting user logins.
A new report from cybersecurity company eSentire shows attackers are increasingly opting to obtain login credentials and session cookies via phishing or malware. This then allows them to carry out Business Email Compromise (BEC) attacks, gain access to bank accounts, or steal cryptocurrency.
Why Active Directory remains a popular target for attackers and what to do about it [Q&A]


Microsoft Active Directory (AD) turned 25 earlier this year -- remarkable longevity in the technology world. It’s the identity backbone for more than 80 percent of enterprises, meaning a breach could be catastrophic.
We spoke to Sean Deuby, principal technologist at Semperis, to look at the top considerations for protecting AD for the future, as most organizations he talks to have no plans to move on from the aging technology.
Let's Encrypt makes free security certificates available for IP addresses


We’re all familiar with the idea of TLS/SSL security certificates that verify the identity of a website and ensure trust and security on the web by confirming that the site you’re visiting is what it says it is.
Usually these relate to the domain name of the site, since that’s how most people gain access. Indeed, if you type in the underlying IP address instead you’ll often get an error because of the lack of a certificate.
New solution helps to secure AI application development


AI is revolutionizing how software gets built, making the process faster, smarter, and more autonomous. But it also introduces more risk than we’ve ever seen and challenges application security, which wasn’t designed for AI-driven development processes.
In response to this, Legit Security is launching Legit MCP (Model Context Protocol) Server. This new offering brings application security posture management (ASPM) to AI-led development, making vulnerability management simpler.
Chaos RAT malware strikes Linux and Windows as hackers exploit its flaws


Chaos RAT is back and causing trouble on Linux and Windows systems. This open source remote access tool was once pitched as a legitimate way to manage computers remotely. Now, it is being used to spy on users, steal data, and possibly set the stage for ransomware. But in an ironic twist, attackers are now turning the tables and exploiting Chaos RAT itself.
Originally written in Go and designed for cross-platform compatibility, Chaos RAT has evolved from a basic tool into a very dangerous piece of malware. It has been spotted in real-world attacks, including a recent sample disguised as a Linux network utility. Victims were likely tricked into downloading a fake troubleshooting tool containing the malware.
84 percent of attacks now use legitimate tools


New research from Bitdefender shows that 84 percent of high-severity attacks are using Living off the Land (LOTL) techniques, exploiting legitimate tools used by administrators.
One of the findings is that the netsh.exe tool -- used for network configuration management -- is the most frequently abused tool, appearing in a third of major attacks. While checking firewall configurations is a logical initial step for attackers, this clearly demonstrates how data analysis can spotlight trends that human operators might instinctively disregard.
Vendor email compromise attacks get more effective in large enterprises


A new report from Abnormal AI shows that employees in large enterprises engage with malicious vendor messages 72 percent of the time.
Drawing on behavioral data from over 1,400 organizations worldwide, the report reveals the extent to which employees are actively engaging with advanced text-based threats like vendor email compromise (VEC) and explores the blind spots attackers are exploiting with highly targeted, socially engineered attacks.
Microsoft and CrowdStrike finally fix the stupidest problem in cybersecurity


In cybersecurity, every second counts. But when the same hacking group goes by half a dozen different names depending on which company you ask, defenders are left wasting time instead of stopping attacks. Now, Microsoft and CrowdStrike are teaming up to clean up the mess they helped create.
The two companies just announced a joint effort to map their threat actor naming systems to each other. Basically, it’s a cheat sheet for decoding the confusing and conflicting names used across the industry. Midnight Blizzard? That’s Microsoft’s name for what CrowdStrike calls Cozy Bear. Others call it APT29 or UNC2452.
65 percent of IT professionals have too many security tools


New research from Barracuda Networks finds 65 percent of IT and security professionals say their organizations are juggling too many security tools.
What's more, over half (53 percent) of respondents also say their security tools cannot be integrated -- creating fragmented environments that are difficult to manage and secure.
UK tech leaders want the government to stop buying US cloud


New research reveals a surge in interest in data sovereignty among UK IT leaders since the implementation of the United States government's historic raft of tariffs in April.
The study from Civo, of over 1,000 UK-based IT leaders, shows more than 60 percent now feel that the UK government’s use of US cloud services exposes the country's digital economy to significant risks, damages its domestic industry, and threatens data security.
Why data privacy is a fundamental human right


In an age where every click, swipe, and search can be tracked, stored and analyzed, data privacy is no longer a luxury but a necessity. From social media profiles to medical records and financial transactions, personal information is constantly collected and processed, often without understanding or consent.
Recognizing data privacy as a fundamental human right isn't just a legal or technical issue, but vital for individual dignity, autonomy, and freedom of expression.
Safeguarding your marketing channels: how AI-powered automation is fueling new threats and how to defend against them


Scammers are already using AI-powered automation to manipulate marketing channels. We don't want to hand out a playbook for bad actors, but it's important to recognize the growing number of scams that have been enhanced by AI and automation tools. Most scams are still about money, either directly or by collecting personal data that can be used to access financial information. If there is no money, there is typically little motive.
In a space like eCommerce, for example, we've seen scammers clone legitimate websites to trick customers into handing over their payment information. These spoof sites look identical to the real thing.
The top priorities and biggest worries for cyber leaders [Q&A]


The technology world is a fast moving one and keeping up with the latest trends can be difficult. Yet it's also essential if you're not to lose competitive edge or get caught out by new risks.
We spoke to Myke Lyons, CISO of data infrastructure company Cribl, to discuss what the priorities for cyber leaders should be and what things are likely to keep them awake at night.
The rise of the million dollar CISO


While the average total compensation for CISOs at large enterprises is $700K, those at $20B+ firms average $1.1M, with top earners exceeding $1.3M. These people are often managing $100M+ security budgets and teams of over 200 staff.
A new report from IANS Research along with Artico Search looks at data from more than 860 CISOs, including 406 at enterprises with $1B+ in annual revenue.
Less than eight percent of top domains implement the toughest DMARC protection


New research from EasyDMARC reveals that just 7.7 percent of the world's top 1.8 million email domains are fully protected against phishing and spoofing, having implemented the most stringent DMARC policy.
While this configuration, known as 'p=reject', actively blocks malicious emails from reaching inboxes, many businesses have only adopted the passive monitoring setting known as 'p=none', which passively monitors inboxes for threats without intercepting them. This means it doesn't block fraudulent emails or provide full visibility into authentication failures.
BetaNews, your source for breaking tech news, reviews, and in-depth reporting since 1998.