Category: Security

Hacker Appreciation Month: Badge Awards

Hacker Appreciation Month: Badge Awards

Celebrating the accomplishments of hackers is something we want to do year-round. However, we decided we wanted to root Cyber Security Awareness month and give it our own spin. At the start of October, as part of Hacker Appreciation Month,...

/ November 4, 2022
Researchers Detail New Malware Campaign Targeting Indian Government Employees

Researchers Detail New Malware Campaign Targeting Indian Government Employees

The Transparent Tribe threat actor has been linked to a new campaign aimed at Indian government organizations with trojanized versions of a two-factor authentication solution called Kavach. “This group abuses Google advertisements for the purpose of malvertising to distribute backdoored...

/ November 4, 2022
Benefits of Vulnerability Assessment – A Detailed Guide

Benefits of Vulnerability Assessment – A Detailed Guide

We all know that vulnerability assessment is very important nowadays, and that’s why most of companies use this assessment. Whether the company is small or it is a large IT sector, everyone needs to protect their company from cyberattacks, especially...

/ November 4, 2022
4 Major Benefits of Next Gen SIEM

4 Major Benefits of Next Gen SIEM

Security analysts are up against more cyberattacks than ever, increased attack surfaces, and more protective tools on the cloud and premises than ever before. All of that is accompanied by cybersecurity experts that are leaving the field. Stress, poor company...

/ November 3, 2022
Why Identity & Access Management Governance is a Core Part of Your SaaS Security

Why Identity & Access Management Governance is a Core Part of Your SaaS Security

Every SaaS app user and login is a potential threat; whether it’s bad actors or potential disgruntled former associates, identity management and access control is crucial to prevent unwanted or mistaken entrances to the organization’s data and systems. Since enterprises...

/ November 3, 2022
SandStrike Spyware Infecting Android Devices through VPN Apps

SandStrike Spyware Infecting Android Devices through VPN Apps

Did you know 38% of VPN apps on Google Play Store are plagued with malware? Nonetheless, the IT security researchers at Kaspersky have discovered that threat actors are increasingly relying on SandStrike spyware that is specifically impacting Android devices. The...

/ November 2, 2022
Hacker AFK: the_arch_angel

Hacker AFK: the_arch_angel

Today’s hacker the_arch_angel  JXoaT: What was your first experience with hacking growing up?  the_arch_angel: I actually didn’t do any hacking growing up. It wasn’t until post-college that I started showing interest in computer security. Growing up, I had seen movies with...

/ November 2, 2022
Multiple Vulnerabilities Reported in Checkmk IT Infrastructure Monitoring Software

Multiple Vulnerabilities Reported in Checkmk IT Infrastructure Monitoring Software

Multiple vulnerabilities have been disclosed in Checkmk IT Infrastructure monitoring software that could be chained together by an unauthenticated, remote attacker to fully take over affected servers. “These vulnerabilities can be chained together by an unauthenticated, remote attacker to gain...

/ November 2, 2022
Server-side attacks, C&C in public clouds and other MDR cases we observed

Server-side attacks, C&C in public clouds and other MDR cases we observed

Introduction This report describes several interesting incidents observed by the Kaspersky Managed Detection and Response (MDR) team. The goal of the report is to inform our customers about techniques used by attackers. We hope that learning about the attacks that took...

/ November 2, 2022
How I Found My Next Mission In Cybersecurity

How I Found My Next Mission In Cybersecurity

Trevor Granger is a Technical Manager in Operations, Federal. He has 18 years of service and is currently in Officer Training School for the Air Force. I was a freshman in high school when September 11th, 2001 happened. I will...

/ November 2, 2022
Leaked Amazon Prime Video Server Exposed Users Viewing Habits

Leaked Amazon Prime Video Server Exposed Users Viewing Habits

Remember when a Chinese server leaked 7GB worth of data including fake Amazon reviews? Well now, an Elasticsearch database dubbed Sauron was left unprotected in cyberspace without any security authentication. According to security researcher Anurag Sen, the database was stored...

/ November 1, 2022
Samsung Galaxy Store Flaw Allows Remote Attacker to Run Code on Affected Phones

Samsung Galaxy Store Flaw Allows Remote Attacker to Run Code on Affected Phones

A security flaw in the Galaxy Store allows attackers to trigger remote code execution on affected smartphones.  The now patched vulnerability, which affects Galaxy Store version 4.5.32.4, relates to a cross-site scripting (XSS) bug that occurs when handling certain deep...

/ November 1, 2022