Malicious logins from suspicious infrastructure fuel identity-based incidents

69% of identity-based incidents involved malicious logins from suspicious infrastructure, which are hosting providers or proxies that aren’t expected for a user or organization, according to Expel. Identity-based incidents...

FritzFrog botnet exploits Log4Shell, PwnKit vulnerabilities

The FritzFrog cryptomining botnet has new potential for growth: a recently analyzed variant of the bot is exploiting the Log4Shell (CVE-2021-44228) and PwnKit (CVE-2021-4034) vulnerabilities for lateral movement and...

Graylog API Security enables organizations to identify and classify APIs

Graylog released a free version of Graylog API Security. This API discovery and monitoring tool makes API security accessible to enterprises of all sizes at a time when API-related...

Qualys enhances CyberSecurity Asset Management to discover risky unmanaged devices

Qualys is expanding Qualys CyberSecurity Asset Management (CSAM) to identify unmanaged and untrusted devices in real-time. Leveraging the Qualys Cloud Agent to continuously monitor the network, this passive discovery...

FBI disrupts Chinese botnet used for targeting US critical infrastructure

The FBI has disrupted the KV botnet, used by People’s Republic of China (PRC) state-sponsored hackers (aka “Volt Typhoon”) to target US-based critical infrastructure organizations. A botnet for probing...

Secureworks Threat Score reduces alert noise and time to respond

Secureworks launched AI-powered Threat Score to silence alert noise and reduce security analyst workload by over 50%. With ransomware dwell times falling, security analysts are under more pressure than...

Dynatrace provides end-to-end observability of AI applications

Dynatrace announced it has extended its analytics and automation platform to provide holistic observability and security for LLMs and generative AI-powered applications. This enhancement to the Dynatrace platform enables...

BackBox introduces ZTNO to automate zero trust security for network operations

In a significant stride towards enhancing network security, BackBox introduces Zero Trust Network Operations (ZTNO). This offering is a best practice framework with six actionable pillars to automate cybersecurity...

Threat actor used Vimeo, Ars Technica to serve second-stage malware

A financially motivated threat actor tracked as UNC4990 is using booby-trapped USB storage devices and malicious payloads hosted on popular websites such as Ars Technica, Vimeo, GitHub and GitLab...

Protect AI acquires Laiyer AI to extend company’s AI/ML security capabilities

Protect AI announced it has acquired Laiyer AI. With the acquisition, Protect AI will be offering a commercial version of Laiyer AI’s open source LLM Guard with expanded features,...