Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Prevent, Detect, Contain: LevelBlue MDR's Guide Against Black Basta Affiliates' Attacks

Between December 2024 and February 2025, the LevelBlue MDR team saw over a dozen attempts and a handful of successful intrusions by threat actors (TAs). Internally, we broadly attribute these attacks to the Black Basta ransomware gang. As outlined in other cybersecurity researchers’ reporting of similar tactics, techniques, and procedures (TTPs), there is a high probability that this activity is from affiliate groups or initial access brokers.

How Three Industry Leaders Are Stopping Identity-Based Attacks with CrowdStrike

The CrowdStrike 2025 Global Threat Report highlights the ongoing threat of identity-based attacks. Adversaries are increasingly exploiting stolen credentials to evade detection, and 79% of detections overall were classified as malware-free. Valid account abuse became the primary initial access method in 35% of cloud intrusions. The report also shares that access broker advertisements rose by 50% year-over-year, indicating a rise in demand for valid credentials and other forms of access.

Lazarus Group Targets Developers Through NPM Packages and Supply Chain Attacks

North Korea’s Lazarus Group is evolving its tactics again. The latest campaign, dubbed Operation Marstech Mayhem, introduces an advanced implant named “Marstech1.” This malware is designed to compromise software developers and cryptocurrency wallets through manipulated open-source repositories. Unlike previous Lazarus operations, this campaign employs obfuscation techniques that make detection significantly harder.

SquareX Unveils Polymorphic Extensions that Morph Infostealers into Any Browser Extension - Password Managers, Wallets at Risk

With recent attack disclosures like Browser Syncjacking and extension infostealers, browser extensions have become a primary security concern at many organizations. SquareX's research team discovers a new class of malicious extensions that can impersonate any extension installed on the victim's browser, including password managers and crypto wallets.

Inside a Cyberattack: How Hackers Steal Data

The truth about cybersecurity is that it's almost impossible to keep hackers outside of an organisation, particularly as the cybercrime industry becomes increasingly sophisticated and its technology more advanced. Furthermore, once a hacker has broken through an organisation's defences, it is relatively easy to move within the network and access information without being detected for days and even months. This is a significant concern for Banking and Financial Services organisations, which house valuable sensitive and Personally Identifiable Information (PII).

Detecting and Controlling Hidden DNS Tunnel Attacks

DNS is the backbone of the internet, translating domain names into IP addresses to facilitate communication between devices. However, cybercriminals exploit DNS to create covert channels for data exfiltration and command-and-control (C2) operations using DNS tunneling. This technique allows attackers to bypass security measures by disguising malicious traffic as legitimate DNS queries. As DNS-based attacks continue to rise, securing DNS traffic has become a priority for organizations worldwide.

Intelligence-Led Threat Hunting: The Key to Fighting Cross-Domain Attacks

Cross-domain attacks have become a defining challenge in modern cybersecurity, with adversaries exploiting gaps across endpoints, identity systems, and cloud environments to achieve their objectives. These sophisticated attacks use stealthy, malware-free techniques and legitimate tools, making them exceptionally difficult to detect and disrupt.

The Role of DevSecOps in Modern Software Development

In today's fast-paced digital world, security threats are becoming more sophisticated, requiring businesses to integrate robust security measures into their software development lifecycle. Traditional development approaches often treat security as an afterthought, leading to vulnerabilities that can be costly to fix. This is where DevSecOps comes into play: an approach that embeds security into the DevOps pipeline from the start, ensuring that security is a core component rather than an add-on.

Zero-Day Attacks: From Netflix's "Zero Day" with DeNiro to Real-World Implications

In the realm of cybersecurity, the term “zero-day attack” signifies a threat that exploits previously unknown vulnerabilities, leaving no time for detection or defense. Netflix’s limited series “Zero Day,” starring Robert De Niro as former President George Mullen, brings this concept to the forefront of public consciousness.