Holiday Inn Owner InterContinental Has a Breach Trend

After a high-profile 2017 breach and a Holiday Inn ransomware hit earlier this year, IHG confirms that its booking channels and applications have been disrupted in yet another cyberattack.

Fighting Ransomware Takes an Army: Our Public & Private Sector Soldiers Join Forces

Continued collaboration will help win the fight as cybersecurity remains a national priority. International and public-private cooperation is helping stem the damage from ransomware threats and cyberattacks.

How Can I Protect My SaaS Apps Amid Employee Turnover?

A SaaS-specific security solution can help security teams make sure apps and usage are both secure, reducing the chances of a breach.

Next-Gen Linux Malware Takes Over Devices With Unique Tool Set

The Shikitega malware takes over IoT and endpoint devices, exploits vulnerabilities, uses advanced encoding, abuses cloud services for C2, installs a cryptominer, and allows full remote control.

Iran-Linked APT Cozies Up to 'Enemies' in Trust-Based Spy Game

APT42 is posing as a friend to people considered threats to the government, using a raft of different tools to steal relevant info and perform surveillance.

Some Employees Aren't Just Leaving Companies — They're Defrauding Them

Here are a few measures your organization can implement to minimize fraudulent behavior and losses.

Everything You Need To Know About BlackCat (AlphaV)

A relative newcomer to the ransomware scene, the BlackCat group quickly gained notoriety and may be associated with other APT groups like Conti and DarkSide.

Mysterious 'Worok' Group Launches Spy Effort With Obfuscated Code, Private Tools

The threat actor — whose techniques and procedures do not match known groups — has created custom attack tools, including a program that hides scripts in .PNG images.

TeslaGun Primed to Blast a New Wave of Backdoor Cyberattacks

What under-the-hood details of newly discovered attack control panel tell us about how the Evil Corp threat group manages its ServHelper backdoor malware campaigns.

As LA Unified Battles Ransomware, CISA Warns About Back-to-School Attacks

Hours after Los Angeles Unified School District was hit with ransomware attack, CISA issued an alert that threat actors are actively targeting the education sector.

Name That Edge Toon: Mime's the Word

Come up with a clever caption, and our panel of experts will reward the winner with a $25 Amazon gift card.

Internet Security & Encryption Pioneer Peter Eckersley Passes at 43

The founder of Let's Encrypt and an EFF technologist, Eckersley devoted his life's work to making the Internet safer and more secure.

Critical QNAP NAS Zero-Day Bug Exploited to Deliver DeadBolt Ransomware

This is the fourth DeadBolt campaign this year against QNAP customers, but it differs from previous attacks in exploiting an unpatched bug instead of a known vulnerability.

The 3 Fundamentals of Building an Effective IoMT Security Strategy

The high stakes and unique priorities for Internet of Medical Things devices require specialized cybersecurity strategies.

Cymulate Raises $70M Series D Funding for Continuous Security Posture Testing

Investor participation from prior round demonstrates confidence in the company's current and future performance.

Botnets in the Age of Remote Work

Here are some strategies for protecting the business against botnets poised to take advantage of remote-work vulnerabilities.

EvilProxy Commodifies Reverse-Proxy Tactic for Phishing, Bypassing 2FA

The phishing-as-a-service offering targets accounts from tech giants, and also has connections to PyPI phishing and the Twilio supply chain attack.

Defenders Be Prepared: Cyberattacks Surge Against Linux Amid Cloud Migration

Ransomware in particular poses a major threat, but security vendors say there has been an increase in Linux-targeted cryptojacking, malware, and vulnerability exploits as well, and defenders need to be ready.

3 Critical Steps for Reducing Cloud Risk

Having a better understanding of how clouds are built, connected, and managed helps organizations mitigate risks and reduce attack surfaces.

Feds, npm Issue Supply Chain Security Guidance to Avert Another SolarWinds

The US government and the Open Source Security Foundation have released guidance to shore up software supply chain security, and now it's up to developers to act.

Researchers Spot Snowballing BianLian Ransomware Gang Activity

The operators of the emerging cross-platform ransomware BianLian increased their command and control infrastructure this month, indicating an acceleration in their operational pace.

4 Scenarios for the Digital World of 2040

Our digital future depends on the choices we make today. We need to invest in cybersecurity technologies and skills so that humanity can control its future.

Raspberry Robin Malware Connected to Russian Evil Corp Gang

Infections attributed to the USB-based worm have taken off, and now evidence links the malware to Dridex and the sanctioned Russian cybercriminal group Evil Corp.

AWS Tokens Lurking in Android, iOS Apps Crack Open Corporate Cloud Data

Thousands of corporate mobile apps developed by businesses for use by their customers contain hardcoded AWS tokens that can be easily extracted and used to access the full run of corporate data stored in cloud buckets.

The Makings of a Successful Threat-Hunting Program

Threat hunters can help build defenses as they work with offensive security teams to identify potential threats and build stronger threat barriers.

Ragnar Locker Brags About TAP Air Portugal Breach

TAP assures its customers that it stopped data theft in a recent cyberattack, but the Ragnar Locker ransomware group says it made off with user info.

Ghost Data Increases Enterprise Business Risk

IT has to get its hands around cloud data sprawl. Another area of focus should be on ghost data, as it expands the organization's cloud attack surface.

Neopets Hackers Had Network Access for 18 Months

Neopets has confirmed that its IT systems were compromised from January 2021 through July 2022, exposing 69 million user accounts and source code.

Threat Actor Phishing PyPI Users Identified

"JuiceLedger" has escalated a campaign to distribute its information stealer by now going after developers who published code on the widely used Python code repository.

Skyrocketing IoT Bug Disclosures Put Pressure on Security Teams

The expanding Internet of Things ecosystem is seeing a startling rate of vulnerability disclosures, leaving companies with a greater need for visibility into and patching of IoT devices.

New Guidelines Spell Out How to Test IoT Security Products

The proposed AMTSO guidelines offer a roadmap for comprehensive testing of IoT security products.

Code-Injection Bugs Bite Google, Apache Open Source GitHub Projects

The insecurities exist in CI/CD pipelines and can be used by attackers to subvert modern development and roll out malicious code at deployment.

Apple Quietly Releases Another Patch for Zero-Day RCE Bug

Apple continues a staged update process to address a WebKit vulnerability that allows attackers to craft malicious Web content to load malware on affected devices.

(ISC)² Launches 'Certified in Cybersecurity' Entry-Level Certification to Address Global Workforce Gap

After a rigorous pilot program, the association's newest certification is officially operational. More than 1,500 pilot participants who passed the exam are on the path to full certification.

Real-World Cloud Attacks: The True Tasks of Cloud Ransomware Mitigation

Cloud breaches are inevitable — and so is cloud ransomware. (Second of two parts.)

Closing the Security Gap Opened by the Rise of No-Code Tools

No-code startups such as Mine PrivacyOps say they offer best of both worlds — quick development and compliance with privacy laws.

Google Fixes 24 Vulnerabilities With New Chrome Update

But one issue that lets websites overwrite content on a user's system clipboard appears unfixed in the new Version 105 of Chrome.

Crypto-Crooks Spread Trojanized Google Translate App in Watering-Hole Attack

The ongoing campaign is spreading worldwide, using the lure of a fully functional Google Translate application for desktops that has helped the threat stay undetected for months.

James Webb Telescope Images Loaded With Malware Are Evading EDR

New Golang cyberattacks use deep space images and a new obfuscator to target systems — undetected.

The Pros and Cons of Managed Firewalls

Managed firewalls are increasingly popular. This post examines the strengths and weaknesses of managed firewalls to help your team decide on the right approach.

OpenText Goes All-in on Cybersecurity Size and Scale With Micro Focus Purchase

OpenText makes a $6 billion bet that bigger is better in security and that cybersecurity platform plays are the future.

(ISC)² Opens Global Enrollment for '1 Million Certified in Cybersecurity' Initiative

(ISC)² pledges to expand and diversify the cybersecurity workforce by providing free "(ISC)² Certified in Cybersecurity" education and exams to 1 million people worldwide.

TikTok for Android Bug Allows Single-Click Account Hijack

A security vulnerability (CVE-2022-28799) in one of TikTok for Android's deeplinks could affect billions of users, Microsoft warns.

The Inevitability of Cloud Breaches: Tales of Real-World Cloud Attacks

While cloud breaches are going to happen, that doesn't mean we can't do anything about them. By better understanding cloud attacks, organizations can better prepare for them. (First of two parts.)

SecureAuth Announces General Availability of Arculix, Its Next-Gen Passwordless, Continuous-Authentication Platform

Next-gen platform delivers adaptive and robust, continuous authentication with identity orchestration and a frictionless user experience.

New ODGen Tool Unearths 180 Zero-Days in Node.js Libraries

New graph-based tool offers a better alternative to current approaches for finding vulnerabilities in JavaScript code, they note.

Don't Let 'Perfect' Be the Enemy of a Good AppSec Program

These five suggestions provide a great place to start building a scalable and affordable program for creating secure apps.

Malicious Chrome Extensions Plague 1.4M Users

Analysts find five cookie-stuffing extensions, including one that's Netflix-themed, that track victim browsing and insert rogue IDs into e-commerce sites to rack up fake affiliate payments.

Chinese Hackers Target Energy Sector in Australia, South China Sea

The phishing campaign deploying a ScanBox reconnaissance framework has targeted the Australian government and companies maintaining wind turbines in the South China Sea.

Security Culture: An OT Survival Story

The relationship between information technology and operational technology will need top-down support if a holistic security culture is to truly thrive.

Cohesity Research Reveals that Reliance on Legacy Technology Is Undermining How Organizations Respond to Ransomware

Nearly half of respondents say their company relies on outdated backup and recovery infrastructure — in some cases dating back to the 1990s, before today's sophisticated cyberattacks.

Phishing Campaign Targets PyPI Users to Distribute Malicious Code

The first-of-its-kind campaign threatens to remove code packages if developers don’t submit their code to a "validation" process.

Building a Strong SOC Starts With People

A people-first approach reduces fatigue and burnout, and it empowers employees to seek out development opportunities, which helps retention.

Google Expands Bug Bounties to Its Open Source Projects

The search engine giant's Vulnerability Rewards Program now covers any Google open source software projects — with a focus on critical software such as Go and Angular.

Cerberus Sentinel Announces Acquisition of CUATROi

US cybersecurity services firm expands services in Latin America.

A Peek Into CISA's Post-Quantum Cryptography Roadmap

To help organizations with their plans, NIST and the Department of Homeland Security developed the Post-Quantum Cryptography Roadmap.

Receipt for €8M iOS Zero-Day Sale Pops Up on Dark Web

Documents appear to show that Israeli spyware company Intellexa sold a full suite of services around a zero-day affecting both Android and iOS ecosystems.

3 Ways No-Code Developers Can Shoot Themselves in the Foot

Low/no-code tools allow citizen developers to design creative solutions to address immediate problems, but without sufficient training and oversight, the technology can make it easy to make security mistakes.

Cyber-Insurance Firms Limit Payouts, Risk Obsolescence

Businesses need to re-evaluate their cyber-insurance policies as firms like Lloyd's of London continue to add restrictions, including excluding losses related to state-backed cyberattackers.

NATO Investigates Dark Web Leak of Data Stolen From Missile Vendor

Documents allegedly belonging to an EU defense dealer include those relating to weapons used by Ukraine in its fight against Russia.