For many organizations, identity security appears to be under control. On paper, everything checks out. But new research from Cerby, based on insights from over 500 IT and security leaders, reveals a different reality: too much still depends on people—not systems—to function. In fact, fewer than 4% of security teams have fully automated their core […]
Category Archives: Uncategorized
Even after a fix was issued, lingering prompt injection risks in GitLab’s AI assistant might allow attackers to indirectly deliver developers malware, dirty links, and more. Go to Source Author: Nate Nelson, Contributing Writer
A sprawling operation undertaken by global law enforcement agencies and a consortium of private sector firms has disrupted the online infrastructure associated with a commodity information stealer known as Lumma (aka LummaC or LummaC2), seizing 2,300 domains that acted as the command-and-control (C2) backbone to commandeer infected Windows systems. “Malware like LummaC2 is deployed to […]
The FBI and partners have disrupted “the world’s most popular malware,” a sleek enterprise with thousands of moving parts, responsible for millions of cyberattacks in every part of the world. Go to Source Author: Tara Seals
Wiz researchers found an opportunistic threat actor has been targeting vulnerable edge devices, including Ivanti VPNs and Palo Alto firewalls. Go to Source Author: Rob Wright
The company expects it will continue to struggle with online disruptions until at least July, due to the attack. Go to Source Author: Kristina Beek, Associate Editor, Dark Reading
Vixen Panda, Aquatic Panda — both Beijing-sponsored APTs and financially motivated criminal groups continued to pose the biggest threat to organizations in Central and South America last year, says CrowdStrike. Go to Source Author: Jai Vijayan, Contributing Writer
A number of major industrial organizations suffered ransomware attacks last quarter, such as PCB manufacturer Unimicron, appliance maker Presto, and more — a harbinger of a rapidly developing and diversifying threat landscape. Go to Source Author: Alexander Culafi, Senior News Writer, Dark Reading
Russian cyber threat actors have been attributed to a state-sponsored campaign targeting Western logistics entities and technology companies since 2022. The activity has been assessed to be orchestrated by APT28 (aka BlueDelta, Fancy Bear, or Forest Blizzard), which is linked to the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center, Military […]
Coinbase asserts that this number is only a small fraction of the number of its verified users, though its still offering a $20 million reward to catch the criminals. Go to Source Author: Kristina Beek, Associate Editor, Dark Reading