%term

Lumma Stealer is Out... of business!

May 21, 2025 By Bitsight TRACE In BitSight

Since mid-2024, Bitsight has been collaborating with Microsoft’s Digital Crimes Unit and other partners to dismantle the operational capabilities of Lumma Stealer (LummaC2) — currently the most widely distributed information stealer. Early this week, a coordinated action was carried out to disrupt its operations and take down the supporting malware infrastructure.

Read Post

BitSight

Read more about Lumma Stealer is Out... of business!

Detecting Generative AI Data Leaks from ComfyUI

May 21, 2025 By Greg Pollock In UpGuard

By now we’re all familiar with the capabilities of generative AI for creating images. For some tasks, like casting an existing image in a recognizable art style, it works well. Much more than that and it encounters limitations: complex prompts often don’t return exactly what you imagined and iterating on a failed prompt can quickly become time-consuming.

Read Post

UpGuard

Read more about Detecting Generative AI Data Leaks from ComfyUI

Digital Brand Protection in the Age of Impersonation

May 21, 2025 By Leah Sadoian In UpGuard

Online fraud remains a significant and rapidly expanding threat in today's cyber threat landscape. According to the FTC, consumers in the U.S. lost a staggering $12.5 billion to fraud in 2024, a 25% surge from the previous year. The most commonly reported category? Imposter scams. This difficult-to-intercept form of fraud alone accounted for $2.95 billion of those losses.

Read Post

UpGuard

Read more about Digital Brand Protection in the Age of Impersonation

External Exposure: Navigating Risk for the Multi-National Enterprise

May 15, 2025 By Adrianne Chester Camat, Ron Ofer, Anastasia Plotkin and Darja Feldman In Cyberint

The bigger your business, often the larger the size of the attack surface you need to secure. That’s why multi-national enterprises typically face a different set of cyber security priorities than SMBs. Here’s another, less often discussed factor that can complicate security and risk management: Whether your company is a multiple entity or a single entity.

Read Post

Cyberint

Read more about External Exposure: Navigating Risk for the Multi-National Enterprise

Top tips: Managing the risks of BYOAI at work

May 15, 2025 By Shawn King Jason In ManageEngine

Top tips is a weekly column where we highlight what’s trending in the tech world today and list ways to explore these trends. This week, we’re discussing the rise of AI tools in the workplace—and the growing risks around their unregulated use. It started quietly. A few employees using ChatGPT to rewrite emails. A project manager testing Notion AI to summarize meetings. A developer relying on GitHub Copilot to speed up code. Now?

Read Post

ManageEngine

Read more about Top tips: Managing the risks of BYOAI at work

The First Domino: How Credential Theft Leads to Bigger Breaches

May 14, 2025 By Emma Stevens In BitSight

In 2024, we collected 2.9 billion unique sets of compromised credentials—a jump from the 2.2 billion collected in 2023. While this rise can be explained by advancement in Bitsight’s credential collection capabilities, we assess that the precise number of credentials shared on the underground has also risen, fueled by increased data breaches and the spike in stealer logs.

Read Post

BitSight

Read more about The First Domino: How Credential Theft Leads to Bigger Breaches

What Is a Data Breach and How to Mitigate Its Effects

May 14, 2025 By Kovrr In Kovrr

‍ ‍All data breaches are considered cyber attacks, but not all cyber attacks are breaches. A data breach is a unique type of cyber incident that specifically involves unauthorized access to sensitive and confidential information pertaining to customer data, corporate data, or both. DDoS attacks and business outages, for instance, are not categorized as breaches because an external actor has not compromised internal assets.

Read Post

Kovrr

Read more about What Is a Data Breach and How to Mitigate Its Effects

Office Hours With Or Amir - Dive Into The First Ever CRQ-Powered Cyber Risk Register

May 14, 2025 By Kovrr - Cyber Risk Quantification In Kovrr

Explore Kovrr’s brand-new CRQ-Powered Cyber Risk Register — a first-of-its-kind solution that’s redefining the way organizations build cyber GRC programs and manage cyber risk. Led by Or Amir, Product Manager at Kovrr, this session will offer a hands-on deep dive into the risk register’s extensive capabilities and show you why moving beyond static, spreadsheet-based registers to a fully quantified, dynamic risk intelligence framework is necessary for achieving resilience in today’s landscape.

View Video

Kovrr

Read more about Office Hours With Or Amir - Dive Into The First Ever CRQ-Powered Cyber Risk Register

AI Just Rewrote the Rules of BEC: Are Your Defenses Ready?

May 14, 2025 By Leah Sadoian In UpGuard

Today, the average phishing email that lands in your CEO's inbox is flawless. It uses perfect grammar, contains an intimate understanding of your organization’s current business landscape, and ends with an urgent, contextually relevant request. This isn't the work of a typical cybercriminal; it's the hallmark of generative AI being weaponized, transforming social engineering from a numbers game into a targeted strike.

Read Post

UpGuard

Read more about AI Just Rewrote the Rules of BEC: Are Your Defenses Ready?

Understanding Market Dynamics in Pre-IPO Investment Decisions

May 14, 2025 By SecuritySenses In SecuritySenses

Looking to secure your stake at the start of the next major breakthrough? Investments in Pre-IPO companies can deliver significantly larger returns compared to traditional public market investments. The current investment environment has led to unprecedented numbers of retail investors attempting to purchase private company shares before they become publicly available. The appeal is obvious.

Read Post