Will Pearce on the ever-changing field of offensive AI security
Will Pearce, CEO and Co-founder of Dreadnodem
Advertisement
Cybercrime
Chinese espionage group leans on open-source tools to mask intrusions
Sysdig researchers say UNC5174’s use of open-source tools like VShell and WebSockets has likely helped the group mask its presence in other campaigns.
Is Ivanti the problem or a symptom of a systemic issue with network devices?
Exploited vulnerabilities have turned up in Ivanti products 16 times since 2024. That’s more than any other vendor in the network edge device space.
Microsoft patches zero-day actively exploited in string of ransomware attacks
Microsoft said Storm-2460 has exploited the zero-day in the Windows Common Log File System to attack organizations in the U.S., Venezuela, Spain and Saudi Arabia.
Senators re-up bill to expand Secret Service’s financial cybercrime authorities
The bipartisan legislation would strengthen the agency’s authorities to investigate criminal activity tied to digital assets.
Identity lapses ensnared organizations at scale in 2024
Cisco Talos observed identity-based attacks in 60% of the incidents it responded to last year.
Advertisement
The North Korea worker problem is bigger than you think
The yearslong scheme goes much deeper than contract work, extending to roles beyond traditional IT and sometimes granting the insider threat “keys to the kingdom,” DTEX President…
Canadian citizen allegedly involved in Snowflake attacks consents to extradition to US
Connor Moucka, a 26-year-old arrested at the behest of U.S. authorities in October in Kitchener, Ontario, faces 20 federal charges.
Allie Bohan on how to handle the non-technical side of a ransomware attack
FTI Consulting’s Allie Bohan
Nation-state groups hit hundreds of organizations with Microsoft Windows zero-day
Trend Micro researchers discovered and reported the eight-year-old defect to Microsoft six months ago. The company hasn’t made any commitments to patch or remediate the issue.