threat detection Archives

On Dec. 27, VulnCheck detailed the vulnerability, tracked as CVE-2024-12856, wherein an attacker can leverage default credentials in Four-Faith F3x24 and F3x36 routers to remotely inject commands into the operating system. (Getty Images)

Thousands of industrial routers vulnerable to command injection flaw

The vulnerability, found in versions of Four-Faith routers, appears to have been exploited in the wild and has been connected to attempted infections of Mirai.

Dec 30, 2024 By Derek B. Johnson

Executives from HYPR, an identity security company, revealed this week that they recently offered a contract to a software engineer claiming to be from Eastern Europe. This person initially accepted the job before walking away when the onboarding and verification process raised a number of red flags about their true identity and location. (Source: Getty Images)

HYPR is latest firm to reveal hiring of fraudulent IT worker overseas

Company officials say the individual was caught during the onboarding process, but used proxies and verified documents to back up their legend.

Oct 24, 2024 By Derek B. Johnson

The original stock picture (left) and an AI fake (right) used by a North Korean threat actor who posed as a U.S.-based software engineer and was hired by the cyber firm KnowBe4. (Photo credit: KnowBe4)

Cyber firm KnowBe4 hired a fake IT worker from North Korea

The security awareness training company said in a blog post that the software engineer used stolen U.S. credentials and an AI-enhanced photo.

Jul 24, 2024 By Matt Bracken

CrowdStrike, RSA 2019 — (Scoop News Group photo)

CrowdStrike, Mandiant announce ‘strategic partnership’

CrowdStrike's Falcon platform will be integrated into Mandiant's services for existing customers. More crossover is planned later this year.

Apr 7, 2022 By Joe Warminsky

Creating the right level of response for insider threats

With the growth of phishing attacks and compromised credentials, organizations need modern security tools to better identify insider threats says security exec Tommy Todd.

Sep 3, 2021 By CyberScoop Staff

Microsoft catches hackers using Morse Code to help cover their tracks

Modern offensive and defensive cyber measures often rest on the simple concept of concealing and cracking code.

Aug 12, 2021 By Sean Lyngaas

Energy Department finds SolarWinds-related malware on IT networks, says critical systems unaffected

DOE joins a growing list of federal agencies that have been been affected by the hacking campaign

Dec 17, 2020 By Sean Lyngaas

Mobile security threats challenge CISOs to rethink device policies

With more employees connecting mobile devices to the enterprise network, CISOs are challenged to balance privacy demands with mobile security needs.

Aug 7, 2019 By cyberscoop_staff Jeff Stone

MITRE asks vendors to do more to detect stealthy hacks

APT29 is the muse, but the evaluation is also about ensuring that products can detect "living off the land" techniques.

May 1, 2019 By Sean Lyngaas

Capsule8 raises $15 million for automated threat detection platform

Capsule8 says its platform can scale and adapt to hybrid environments, particularly production environments, to detect and stop threats.

Aug 9, 2018 By Zaid Shoorbajee