Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Since Redis is becoming increasingly popular around the world, we decided to investigate attacks on the Redis instance. We didn’t have to wait long for the first results of the Honeypot. The trap caught an activity about which the Western world does not hear too often while analyzing SkidMap. More importantly, this variant turned out to be a new, improved, dangerous variation of the malware. Its level of sophistication surprised us quite a bit.

During the summer months, when employees and customers are away on vacation, things usually slow down for businesses. But for cybercriminals, the opposite is true because they are busy taking advantage of minimal staffing levels in companies during the vacation period to launch complex attacks. The U.S. Federal Cybersecurity and Infrastructure Security Agency (CISA), warns that the risk of being hit by a cyberattacks rises over the holidays and summer vacation-themed phishing attacks gain momentum.

Your business runs on servers. Without your DNS server, your users wouldn’t be able to connect to online resources. Without your proxy servers, your local networks would be visible across the public internet. Without your database servers, your organization wouldn’t be able to execute the queries that enable them to make data-driven decisions. Since servers are critical to business operations, threat actors value them.

Unfortunately, Instagram is a common target for malicious hackers. Cybercriminals hack accounts in order to distribute spam, commit phishing attacks against your followers and steal your data. There were more than 1 million social media account takeovers in 2022, and most of the affected accounts were on Instagram.

The second annual threat report from the Sysdig Threat Research Team (Sysdig TRT) is packed with their findings and analysis of some of the hottest and most important cybersecurity topics this year. Threat actors are really embracing the cloud and are using it to their advantage to evade detection and speed up their attacks.

GitGuardian Honeytokens are potent tools in the cybersecurity toolkit, notifying you of any unauthorized activities in code repos, Jira, Slack, Linear, and more.

The landscape of cybercrime continues to evolve, and cybercriminals are constantly seeking new methods to compromise software projects and systems. In a disconcerting development, cybercriminals are now capitalizing on AI-generated unpublished package names also known as “AI-Hallucinated packages” to publish malicious packages under commonly hallucinated package names.

Artificial intelligence (AI) has generated significant hype in recent years, and separating the promise from reality can be challenging. However, at Torq, AI is not just a concept. It is a reality that is revolutionizing the SOC field, specifically in the area of Tier-1 security analysis, especially as cybercriminals become more sophisticated in their tactics and techniques. Traditional security tools continue to fall short in detecting and mitigating these attacks effectively, particularly at scale.

Despite being the second-largest internet market in the world, India has yet to pass a comprehensive data privacy bill. It is important to have policies and regulations in place to protect them and their right to data privacy—a right that India’s Supreme Court recognized in 2017. Since then, the country’s government has been working towards passing a bill that codifies the rights of individuals to data privacy and protection.

Cyber Threat Intelligence (CTI), or threat intelligence, is evidence-based knowledge established from current cyber threats, gathered from myriad sources to identify existing or potential attacks. Threat intelligence assists in identifying the motives, targets, and attack behaviors of a threat actor and implementing strong defenses from future attacks. According to IBM’s Cost of a Data Breach 2022 report, the average data breach costs its victims $4.35 million.