Data Breaches

Chinese threat actor DragonSpark targets East Asian businesses

Organizations in Taiwan, Hong Kong, Singapore, and China have been recently facing attacks from Chinese threat actor DragonSpark. The threat actor was observed using the open-source tool SparkRAT for its attacks, according to a report by SentinelOne.  SparkRAT is multi-platform, feature-rich, and frequently updated with new features, making the remote access Trojan (RAT) attractive to threat actors. DragonSpark was observed using Golang malware that interprets embedded GoLang source code at runtime as a technique for hindering static analysis…

Read More

Veterans bring high-value, real-life experience as potential cybersecurity employees

Johanna Wood was an armored crewman with Lord Strathcona’s Horse, a Canadian Army regiment. At first glance, Wood’s military role may seem incompatible with civilian work; there’s not a lot of call for tank operators in private companies. But Wood believes her experience working in tanks gives her a significant edge as she enters the cybersecurity profession. “I was trained in reconnaissance, so I’m already trained to look for threats, I’m already trained to look…

Read More

CYGNVS exits stealth, trumpeting its cyberattack recovery platform

Cyber recovery startup CYGNVS announced its emergence from stealth today, having raised $55 million in series A funding and created a highly functional “cyber crisis” platform which promises to help organizations recover from major breaches. The company’s product is in its name – CYGNVS says it’s an acronym for Cyber GuidaNce Virtual Space. It’s effectively an all-in-one disaster recovery system for cyberattacks. It provides out-of-band communications between key team members, since corporate networks may become…

Read More

P-to-P fraud most concerning cyber threat in 2023: CSI

US financial institutions see peer-to-peer fraud and other digital fraud as the biggest cybersecurity concern in 2023. It was cited by 29% of respondents in a survey by Computer Systems Inc. (CSI), followed by data breaches (23%), ransomware (20%) and a breach at a third party (15%).  Industry respondents also expressed concerns over identity theft at 4%, unavailable or unaffordable cyber insurance at 4%, geopolitical risks at 3%, DDoS attacks at 2% and website defacement at…

Read More

ServiceNow to detect open source security vulnerabilities with Snyk integration

ServiceNow Vulnerability Response users will now have access to Snyk Open Source, a software composition analysis (SCA) platform designed to help developers find, prioritize, and fix security vulnerabilities and license issues in open source dependencies. Snyk Open Source is backed by the Israeli-US company’s own security intelligence that relies on a combination of public sources, data from the developer community, proprietary expert research, machine learning, and human-in-the-loop AI.  ServiceNow Vulnerability Response is part of ServiceNow Security Operations…

Read More

Skyhawk launches platform to provide threat detection and response across multi-cloud environments

Cloud threat detection vendor Skyhawk Security has released a platform designed to address alert fatigue that provides cloud detection and response (CDR) across multi-cloud environments, the company said Tuesday in a statement. The company says the Synthesis platform is being released on a “freemium” basis—the base version is available at no cost, but supplement features can be purchased. Skyhawk claims the platform improves upon products focused on identifying numerous static cloud security misconfigurations by employing…

Read More

How passkeys are changing authentication

Passwords are a central aspect of security infrastructure and practice, but they are also a principal weakness involved in 81% of all hacking breaches. Inherent useability problems make passwords difficult for users to manage safely. These security and useability shortcomings have driven the search for alternative approaches known generally as passwordless authentication. Passkeys are a kind of passwordless authentication that is seeing increasing focus and adoption. They are set to become a key part of…

Read More

Australia fronts International Counter Ransomware Taskforce

The International Counter Ransomware Taskforce (ICRTF), envisioned by the International Counter Ransomware Initiative (CRI), kicked off its operations on Monday with Australia as its inaugural chair and coordinator. The CRI was first brought together in October 2021 with a virtual meeting of 30 countries, facilitated by the US White House National Security Council. In November 2022, a second meeting took place where the following was established by the 37 participating member: Hold ransomware actors accountable for…

Read More

Nvidia targets insider attacks with digital fingerprinting technology

Nvidia today announced that a digital lab playground for its latest security offering is now available, letting users try out an AI-powered system designed to monitor individual user accounts for potentially hazardous behavior. The idea, according to the company, is to leverage the large amounts of data that many organizations compile anyway about login and data access events on their systems, and use that to train an AI that watches for user accounts to diverge…

Read More

Attackers exploiting critical flaw in many Zoho ManageEngine products

Users of on-premises deployments of Zoho ManageEngine products should make sure they have patches applied for a critical remote code execution vulnerability that attackers have now started exploiting in the wild. Technical details about the flaw along with a proof-of-concept exploit was released late last week, which will allow more attackers to add this exploit to their arsenal. “The vulnerability is easy to exploit and a good candidate for attackers to ‘spray and pray’ across…

Read More