AI becoming an SOC imperative for curtailing emerging cyber threats
While powerful, AI technologies are no panacea for immature enterprise security architectures, and they can only be applied successfully after the fundamentals of cyber defence…
“Organizations should start by auditing their environment for the conditions that exist that leave them vulnerable to YellowKey,” said Eric Grenier, senior director analyst at Gartner.…
According to analysis by SafeDep, the account in question, atool (i@hust.cc), which publishes the timeago.js JavaScript library, had rights to a large catalog of packages,…
“Yesterday we detected and contained a compromise of an employee device involving a poisoned VS [Visual Studio] Code extension. We removed the malicious extension version,…
Reaper changes tactics by moving execution into Apple’s Script Editor, sidestepping the protections Apple recently introduced to curb Terminal-based attacks. The end goal, however, remains…
Notice what CVE actually does, though. It doesn’t tell anyone to patch a flaw. The flaw was a 90-minute window in which a publishing pipeline…
Microsoft’s researchers have established clear links between the group running this operation, which it calls Fox Tempest, and ransomware affiliates who worked with gangs such…
Veteran consultant Robert Enderle of the Enderle Group noted that this kind of exposure happens with alarming frequency. “Developers are often under immense pressure to…
“Not every valid submission represents a meaningful security risk. Some reports identify hardening opportunities or documentation gaps,” Jarom Brown, a senior security researcher at GitHub,…
Despite Internet Explorer reaching the end of life in 2022, MSHTA is packaged by default on Windows systems and is used as a living-off-the-land (LOLBIN)…
“AI-driven attacks accelerate adversary actions and adaptation, so a slow recovery increases the window for re-compromise,” she adds, warning that extended outages can create cascading…
The contextual data that SIEM solutions provide is a fundamental component of modern security stacks. To audit log data, to review it and to…