Blog
Hands on Review: LayerX’s Enterprise Browser Security Extension
The browser has become the main work interface in modern enterprises. It’s where employees create and interact with data, and how they access organizational and external SaaS and web apps. As a result, the browser is extensively targeted by adversaries. They seek to...
World’s Largest Hardware Retail Cooperative Hit by Cyberattack
Ace Hardware is currently experiencing a cyberattack that has disrupted its IT systems. While in-store payment systems and credit card processing are unaffected, online services such as placing orders are currently unavailable.
Iranian Cyber Espionage Group Targets Financial and Government Sectors in Middle East
A threat actor affiliated with Iran's Ministry of Intelligence and Security (MOIS) has been observed waging a sophisticated cyber espionage campaign targeting financial, government, military, and telecommunications sectors in the Middle East for at least a year....
Companies Scramble to Integrate Immediate Recovery Into Ransomware Plans
Over one-third of companies lack a comprehensive ransomware strategy, highlighting the need for a holistic approach that prioritizes both prevention and recovery, according to a survey by Zerto.
Update: F5 Warns of Active Attacks Exploiting BIG-IP Vulnerability
F5 has issued a warning about active exploitation of a critical security flaw in its BIG-IP software. The vulnerability, known as CVE-2023-46747, allows attackers to execute arbitrary system commands.
North Korean Hackers Tageting Crypto Experts with KANDYKORN macOS Malware
State-sponsored threat actors from the Democratic People's Republic of Korea (DPRK) have been found targeting blockchain engineers of an unnamed crypto exchange platform via Discord with a novel macOS malware dubbed KANDYKORN. Elastic Security Labs said the activity,...
TA571 Delivers Forked IcedID Loader Variant
The use of the Forked IcedID variant, which removes banking functionality and focuses on payload delivery, highlights a shift in malware tactics toward prioritizing ransomware delivery.
Palo Alto Networks to Acquire Cloud Security Start-Up Dig Security
The acquisition will integrate Dig's capabilities into Palo Alto's Prisma Cloud platform. Financial details were not disclosed, but reports suggest the deal is valued at $400 million.
Turla Updates Kazuar Backdoor with Advanced Anti-Analysis to Evade Detection
The Russia-linked hacking crew known as Turla has been observed using an updated version of a known second-stage backdoor referred to as Kazuar. The new findings come from Palo Alto Networks Unit 42, which is tracking the adversary under its constellation-themed...
Applying ATT&CK Methodology to Hardware and Firmware
The rise of hardware- and firmware-related attacks and supply chain threats has fundamentally changed the cybersecurity landscape, requiring a deeper understanding of these areas in the context of the MITRE ATT&CK framework.
FREE GUIDE