Code-Sabotage Incident in Protest of Ukraine War Exposed Open Source Risks
The maintainer of a widely used npm module served up an unwelcome surprise for developers.
5 Reasons Organizations Need Comprehensive AD Security Across Cloud and On-Prem
Why Organizations Need to Secure Directory Services in a Hybrid Deployment from Attack Paths By Justin Kohler, Director […] The…
Pro-Ukraine ‘Protestware’ Pushes Antiwar Ads, Geo-Targeted Malware
Researchers are tracking a number of open-source "protestware" projects on GitHub that have recently altered their code to display "Stand…
Microsoft creates tool to scan MikroTik routers for TrickBot infections
The TrickBot trojan has just added one more trick up its sleeve, now using vulnerable IoT (internet of things) devices…
Russia State-Sponsored Hackers Used Misconfigured MFA to Breach NGO
FBI and CISA warn of attack on multifactor authentication account to exploit "PrintNightmare" exploit.
How Should My Security Analyst Use the MITRE ATT&CK Framework?
As a curated knowledgebase for adversary behavior, the MITRE ATT&CK framework can guide defenders on how to conduct an investigation…
Hackers fork open-source reverse tunneling tool for persistence
Security experts have spotted an interesting case of a suspected ransomware attack that employed custom-made tools typically used by APT…
Google to Buy Mandiant, Aims to Automate Security Response
In a deal worth $5.4 billion, Google would expand its security portfolio with managed detection and response (MDR) and threat…
Attivo Expands Active Directory Protection from Unmanaged Devices, Including Mac, Linux, IoT/OT
Attivo Networks ADSecure-DC solution joins the company’s existing suite of Active Directory protection products.
TrickBot malware operation shuts down, devs move to stealthier malware
The TrickBot malware operation has shut down after its core developers move to the Conti ransomware gang to focus development…