ZEST Security’s Cloud Risk Exposure Impact Report Reveals 62% of Incidents are Related to Risks Known to the Organization

How to make the most of the new features in Sophos Firewall v21.5

The time to secure foundations, empower teams, and make cyber resilience the standard is now — because the cost of waiting is far greater than the investment in proactive security.

Multiple sectors in China, Hong Kong, and Pakistan have become the target of a threat activity cluster tracked as UNG0002 (aka Unknown Group 0002) as part of a broader cyber espionage campaign. “This threat entity demonstrates a strong preference for using shortcut files (LNK), VBScript, and post-exploitation tools such as Cobalt Strike and Metasploit, while…

A fresh set of 60 malicious packages has been uncovered targeting the RubyGems ecosystem by posing as seemingly innocuous automation tools for social media, blogging, or messaging services to steal credentials from unsuspecting users. The activity is assessed to be active since at least March 2023, according to the software supply chain security company Socket….

The malware loader known as MintsLoader has been used to deliver a PowerShell-based remote access trojan called GhostWeaver. “MintsLoader operates through a multi-stage infection chain involving obfuscated JavaScript and PowerShell scripts,” Recorded Future’s Insikt Group said in a report shared with The Hacker News. “The malware employs sandbox and virtual machine evasion techniques, a domain

Despite lagging in technology adoption, African and Middle Eastern organizations are catching up, driven by smartphone acceptance and national identity systems.