-
Sysdig container security tool prioritizes vulnerabilities, reduces alerts
PRIVACY PRIVACY Container and cloud security provider Sysdig has launched Risk Spotlight, a vulnerability prioritization tool based on runtime intelligence, designed to enable security teams to prioritize remediation — particularly regarding vulnerabiities related to container technology — without affecting development speed. While working with open-source packages, developers often bring associated vulnerabilities into their software environment…
-
North Korea Funding Nuclear Program with Cyber Activity
PRIVACY PRIVACY UN North Korea expert says cybercrime pays for country’s banned missile and nuclear programs Read More
-
New Five Eyes alert warns of Russian threats targeting critical infrastructure
PRIVACY PRIVACY In a move demonstrative of international cooperation and partnership, the Five Eyes (United States, Australia, Canada, New Zealand, and United Kingdom) issued an alert giving a “comprehensive overview of Russian state-sponsored and cybercriminal threats to critical infrastructure.” The alert also includes remediation guidance, which CISOs will find of particular import. Alert AA22-110A –…
-
REvil reborn? Notorious gang’s dark web site redirects to new ransomware operation
PRIVACY PRIVACY Researchers have spotted that the TOR address used by the notorious REvil ransomware gang is now redirecting to a new website, with information about seemingly new attacks. Read more in my article on the Tripwire State of Security blog. Read More
-
Long Article on NSO Group
PRIVACY PRIVACY Ronan Farrow has a long article in The New Yorker on NSO Group, which includes the news that someone — probably Spain — used the software to spy on domestic Catalonian sepratists. Read More
-
Free Yanlouwang decryptor released, after flaw found in ransomware code
PRIVACY PRIVACY Security researchers at Kaspersky have released a free decryption tool that promises to recover files for organisations hit by the Yanlouwang ransomware, meaning they don’t have to pay the ransom. Read More
-
Cybereason launches DFIR solution to automate incident response
PRIVACY PRIVACY Endpoint protection vendor Cybereason has launched a new incident response (IR) solution to streamline and automate IR investigations. Digital Forensics Incident Response incorporates nuanced forensics artifacts into threat hunting, reducing remediation time by enabling security analysts to contain cyberattacks in minutes, the firm stated in a press release. The release comes in the…
-
Smashing Security podcast #271: Crypto break-in, Google blurring, and mics not muting
PRIVACY PRIVACY A man loses $650,000 from his cryptocurrency wallet after his Apple iCloud account is hacked, video conferencing apps may not be muting your mic quite the way you imagined, and Google has unblurred military bases in Russia… or has it? All this and much more is discussed in the latest edition of the…
-
Fragmented tool landscape biggest cybersecurity challenge to medical device makers
PRIVACY PRIVACY The top cybersecurity challenge faced by medical device makers is managing a growing set of tools and technologies, according to the results of a global survey released Wednesday by software risk assessment company Cybellum. The survey, conducted by Global Surveyz, an independent survey company, polled 150 senior decision makers from North America, Europe…
-
Two-Thirds of Global Banks Report Surge in Destructive Attacks
PRIVACY PRIVACY Russia is seen as biggest threat, according to VMware report Read More