Social Engineering

The evolution of cybercrime is weighing heavily on digital forensics and incident response (DFIR) teams, leading to significant burnout and potential regulatory risk. That’s according to the 2023 State of Enterprise DFIR survey by Magnet Forensics, a developer of digital investigation solutions. The firm surveyed 492 DFIR professionals in North America and Europe, the Middle East, and Africa working in organizations in industries such as technology, manufacturing, government, telecommunications, and healthcare. Respondents described the current…

Read More

Abnormal Security has identified two groups that are using executive impersonation to execute Business Email Compromise (BEC) attacks on companies worldwide.  The first group, Midnight Hedgehog, engages in payment fraud, while the second group, Mandarin Capybara, executes payroll diversion attacks. Both groups have launched BEC campaigns in at least 13 different languages, including Danish, Dutch, Estonian, French, German, Hungarian, Italian, Norwegian, Polish, Portuguese, Spanish, and Swedish, the researchers noted. While attacking targets across various regions…

Read More

With the rapid growth and increasing complexity of cloud environments, organizations are increasingly at risk from various security threats. Cloud security posture management (CSPM) is a process that helps organizations continuously monitor, identify, and remediate security risks in the cloud. The use of automation in CSPM is crucial to ensuring the security and compliance of an organization’s cloud infrastructure. A key component of CSPM is the automation of its core tasks: continuous monitoring, remediation of…

Read More

Identity and access management (IAM) vendor Okta today released a report detailing app use and security trends among its broad user base. Among other trends it identified, the report found that zero trust security policies have become more common, and uptake of a wide range of security tools has been sharply on the rise. Okta survyed 17,000 customers globally, and found that zero trust usage among its  clients has increased from 10% two years ago…

Read More

China-based cyberespionage actor DEV-0147 has been observed compromising diplomatic targets in South America, according to Microsoft’s Security Intelligence team.  The initiative is “a notable expansion of the group’s data exfiltration operations that traditionally targeted gov’t agencies and think tanks in Asia and Europe,” the team tweeted on Monday.  DEV-0147’s attacks in South America included post-exploitation activity involving the abuse of on-premises identity infrastructure for reconnaissance and lateral movement, and the use of Cobalt Strike — a penetration…

Read More

Israel-based startup Oligo Security is exiting stealth mode with the public launch of its namesake software, offering a new wrinkle in library-based application security monitoring, observability, and remediation. Utilizing a technology called extended Berkeley Packet Filter (eBPF), it is able to provide agentless security coverage for open source code. Given the prevalence of open source code in modern software — Oligo contends that it accounts for something like 80% or 90% — there is a…

Read More

As business processes become more complex, companies are turning to third parties to boost their ability to provide critical services from cloud storage to data management to security. It’s often more efficient and less expensive to contract out work that would otherwise require significant effort and potentially drain in-house resources to those who can do it for you. The use of third-party services can also come with significant—often unforeseen—risks. Third parties can be a gateway…

Read More

Descope has launched its first product, a platform designed to help developers add authentication and user management capabilities to their business-to-consumer and business-to-business applications. The software as a service is available now. Developers can access the product free of charge for up to 7,500 monthly active uses for B2C applications and up to 50 tenants for B2B apps. Beyond these there is a US$0.10 per user and US$20 per tenant. The Descope platform aims to…

Read More

Not too long ago, guarding access to the network was the focal point of defense for security teams. Powerful firewalls ensured that attackers were blocked on the outside while on the inside things might get “squishy,” allowing users fairly free rein within. Those firewalls were the ultimate defense—no one undesirable got access. Until they did. With the advent of cloud computing, the edge of a network is no longer protected by a firewall. In fact,…

Read More

The last year saw a rise in the sophistication and number of attacks targeting industrial infrastructure, including the discovery of a modular malware toolkit that’s capable of targeting tens of thousands of industrial control systems (ICS) across different industry verticals. At the same time, incident response engagements by industrial cybersecurity firm Dragos showed that 80% of impacted environments lacked visibility into ICS traffic and half had network segmentation issues and uncontrolled external connections into their…

Read More