Espionage Group Wields Steganographic Backdoor Against Govs, Stock Exchange

APT group Witchetty (aka LookingFrog) has exploited the ProxyShell and ProxyLogon vulnerabilities to gain initial access and deploy new custom cyber tools against government agencies and a stock exchange.

Cyber News

Capital One Phish Showcases Growing Bank-Brand Targeting Trend

Capital One lures leveraged the bank’s new partnership with Authentify, showing that phishers watch the headlines, and take advantage.

Cyber News

S3 Ep102: Sorting fact from fiction in hyped-up cybersecurity news stories [Audio + Transcript]

Latest episode – listen now! Tell fact from fiction in hyped-up cybersecurity news…

Cyber News

LeakBase: India Swachhata Platform Breached, 16 Million User PII Records Exposed

Data samples contain email addresses, hashed passwords and user IDs, other PII

Cyber News

(ISC)² Recruits More Than 55,000 Cybersecurity Candidates in First 30 Days of New Programs to Address Workforce Gap

2,700 cybersecurity career pursuers have already passed the (ISC)2 Certified in Cybersecurity℠ exam, with more than 53,000 more people registered for a free course and exam.

Cyber News

Five Steps to Mitigate the Risk of Credential Exposure

Every year, billions of credentials appear online, be it on the dark web, clear web, paste sites, or in data dumps shared by cybercriminals. These credentials are often used for account takeover attacks, exposing organizations to breaches, ransomware, and data theft. While CISOs are aware of growing identity threats and have multiple tools in their […]

Cyber News

Researchers Uncover Covert Attack Campaign Targeting Military Contractors

A new covert attack campaign singled out multiple military and weapons contractor companies with spear-phishing emails to trigger a multi-stage infection process designed to deploy an unknown payload on compromised machines. The highly-targeted intrusions, dubbed STEEP#MAVERICK by Securonix, also targeted a strategic supplier to the F-35 Lightning II fighter aircraft. “The attack was carried out

Cyber News

What Lurks in the Shadows of Cloud Security?

Organizations looking to get ahead in cloud security have gone down the path of deploying CSPM tooling with good results. Still, there’s a clear picture that data security and security operations are next key areas of interest.

Cyber News

Why You Need a VPC

ACM.65 Yes, you need a VPC. This is a continuation of my series on Automating Cybersecurity Metrics. I used to say when I was a lead developer at Capital One that communication was the hardest part of my job. Writing the code was the easy part. Sometimes I think I explain things clearly and then people […]

Cyber News

Month: September 2022

Espionage Group Wields Steganographic Backdoor Against Govs, Stock Exchange

Capital One Phish Showcases Growing Bank-Brand Targeting Trend

S3 Ep102: Sorting fact from fiction in hyped-up cybersecurity news stories [Audio + Transcript]

LeakBase: India Swachhata Platform Breached, 16 Million User PII Records Exposed

(ISC)² Recruits More Than 55,000 Cybersecurity Candidates in First 30 Days of New Programs to Address Workforce Gap

Five Steps to Mitigate the Risk of Credential Exposure

Researchers Uncover Covert Attack Campaign Targeting Military Contractors

What Lurks in the Shadows of Cloud Security?

Why You Need a VPC

Company

Services

Important Links

Get In Touch