Download the Whitepaper "Debunking the Myth of Security vs. Productivity" to explore the significant risks associated with the use of open source components in software development, particularly the alarming surge of 700% in open source malware attacks in 2022 alone.
In this report you will find:
What tools and...
Managing software supply chains plays a massive part in your organization’s security strategy. Get a breakdown of issues central to software supply chain security, including: - The growing need for software supply chain management. - Why adversaries are attacking the supply chain. -How companies should approach...
Sonatype’s eighth annual State of the Software Supply Chain Report blends a broad set of public and proprietary data and analysis, including dependency update patterns for more than 131 billion Maven Central downloads and thousands of open source projects, survey results from 662 engineering professionals, and the...
The onset of COVID-19 has fast-tracked the trend of mobile-first banking. Mobile banking opens a whole new can of worms that security teams must prepare for. This means that it's more important than ever for banks to have robust cybersecurity measures in place to protect their customers.
Download this whitepaper to...
There are growing numbers of organized attackers whose sole focus is exploiting vulnerabilities in open source ecosystems, frequently by making their malware appear legitimate. Security and development teams need to understand the cascading impacts and changing landscapes of these exploitations, and put...
Cybersecurity expert Mikko Hypponen recently got sent "LL Morpher," a new piece of malware that uses OpenAI's GPT to rewrite its Python code with every new infection. While more proof-of-concept than current threat, "the whole AI thing right now feels exciting and scary at the same time," he said.
In this 14th edition, M-Trends provides an inside look at the evolving cyber threat landscape drawn from Mandiant incident response investigations and threat intelligence analysis of high-impact attacks and remediations around the globe across the last year.
This report also includes:
Latest Incident Response...
Apple users: Don't fear newly discovered samples of LockBit ransomware designed to target newer macOS devices. Researchers say the still-in-development code, tied to no known in-the-wild attacks, contains numerous errors, leaving it unable to execute.
A crew of English-speaking European teenagers with a variety of skills and knowledge of Greek and Roman mythology are likely behind an up-and-coming cybercrime group called FusionCore. Group leader "Hydra" in March shared a screenshot of a malware dashboard set to display Sweden time by default.
Hackers have used a modular toolkit called "AlienFox" to compromise email and web hosting services at 18 companies. Distributed mainly by Telegram, the toolkit scripts are readily available in open sources such as GitHub, leading to constant adaptation and variation in the wild.
When you think of using biometric technology as part of your multi-factor authentication process, you assume these attributes are safe. Cybercriminals can’t hack your fingerprints, can they? The answer may surprise you!
Biometric attributes aren’t as safe as they once were. Cybercriminals are always coming up...
Eset researchers discovered the first in-the-wild bootkit malware, BlackLotus, bypassing security and booting up on fully up-to-date Windows 11 systems. Researchers found the Unified Extensible Firmware Interface bootkit in 2022, being sold on hacking forums for $5,000.
A major cause of corporate IT disruption stems from advanced unknown malware, phishing, and custom crafted attacks. Advanced malware is decidedly different from those detected by traditional signature-based anti-malware solutions as they are engineered to avoid detection using sophisticated evasion techniques. Even...
Cyren plans to cease operations and pursue liquidation after the email security and threat detection vendor failed to sell assets or raise more capital. The company terminated the employment of all remaining workers, commenced a bankruptcy proceeding in Israel and told Nasdaq to delist the company.
Lehigh Valley Health Network, which operates 13 hospitals and numerous physician practices and clinics in eastern Pennsylvania, says it has been hit with an attack by Russian-based ransomware-as-a-service group BlackCat. The network says it didn't pay a ransom and operations were not disrupted.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.