CSO Online

5 years after NotPetya: Lessons learned

Although some experts consider NotPetya a variant of Petya, the two are generally regarded as separate and distinct. NotPetya is far more contagious than Petya, seemingly with no way to stop it from quickly spreading from one host to another.

Linux malware is on the rise—6 types of attacks to look for

Security is the weakest when sysadmins and developers race against time and deadlines. Opportunistic attackers take advantage of the "economy of attention" as developers can often overlook security risks.

Cybercriminals Could Abuse Misconfigured Google Cloud API for Credential Theft and Lateral Movement

If GCP is not configured correctly, it could be exploited by attackers to engage in malicious activity inside a user's cloud environment, according to cloud security company Mitiga

Attack dwell times drop, ransomware TTPs evolve, China ramps up espionage activity

According to research by Mandiant, global median dwell time, which is calculated as the median number of days an attacker is present in a target’s environment before being detected, decreased from 24 days in 2020 to 21 days in 2021.

Hive Ransomware Group Claims Partnership HealthPlan of California Data Breach

The PHC’s website currently (March 31) shows a holding page with a message stating that it has recently became aware of anomalous activity on certain computer systems within its network.

New attack bypasses hardware defenses for Spectre flaw in Intel and ARM CPUs

It is an extension of the 2017 Spectre version 2 attack, also known as Spectre-BTI (Branch Target Injection) and, just like Spectre v2, can result in the leak of sensitive information from the privileged kernel memory space.

Researchers find new way to neutralize side-channel memory attacks

The new solution is to shape memory requests by running them through a request shaper, called DAGuise, that uses a graph structure to process requests and send them to the memory controller on a fixed schedule.

Why DevOps pipelines are under attack and how to fight back

Software developers often have high permission levels and access privileges. If the software being produced is designed for external consumption, the impact of breaches can be dramatically greater.

New quantum key distribution network resistant to quantum attacks

A QKD channel was multiplexed on the same fiber as ultra-high bandwidth 800 Gbps optical channels for the first time and used to provide keys for encryption of the data stream.

Vulnerabilities don’t count

No one outside the IT department cares about the vulnerability metrics, or they shouldn’t, anyway. They care more about the efficacy of the program. And traditional stats don’t show that.

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.

Trending Tags