AWS Launches New Incident Response Service
AWS Security Incident Response will help security teams defend their organizations from account takeovers, breaches, ransomware attacks, and other types…
New Rockstar 2FA phishing service targets Microsoft 365 accounts
A new phishing-as-a-service (PhaaS) platform named 'Rockstar 2FA' has emerged, facilitating large-scale adversary-in-the-middle (AiTM) attacks to steal Microsoft 365 credentials.…
Geico, Travelers Fined $11.3M for Lax Data Security
New York state regulators punish insurers after cybercriminals illegally access customer info they then used to file scam unemployment claims…
Innovator Spotlight: Sumo Logic
The rapid adoption of cloud and digital services is driving exponential data growth, creating fragmented visibility and operational silos across…
Hackers abuse Avast anti-rootkit driver to disable defenses
A new malicious campaign is using a legitimate but old and vulnerable Avast Anti-Rootkit driver to evade detection and take…
It’s Near-Unanimous: AI, ML Make the SOC Better
Efficiency is the name of the game for the security operations center — and 91% of cybersecurity pros say artificial…
MITRE shares 2024’s top 25 most dangerous software weaknesses
MITRE has shared this year's top 25 list of the most common and dangerous software weaknesses behind more than 31,000…
Lessons From OSC&R on Protecting the Software Supply Chain
A new report from the Open Software Supply Chain Attack Reference (OSC&R) team provides a framework to reduce how much…
Critical bug in EoL D-Link NAS devices now exploited in attacks
Attackers now target a critical severity vulnerability with publicly available exploit code that affects multiple models of end-of-life D-Link network-attached…
New Google Pixel AI feature analyzes phone conversations for scams
Google is adding a new AI-powered scam protection feature that monitors phone call conversations on Google Pixel devices to detect…