With nearly 80% of cyber threats now mimicking legitimate user behavior, how are top SOCs determining what’s legitimate traffic and what is potentially dangerous? Where do you turn when firewalls and endpoint detection and response (EDR) fall short at detecting the most important threats to your organization? Breaches at edgeRead More »That Network Traffic Looks Legit, But it Could be Hiding a Serious Threat

CISA warns that Iranian cyber actors may target critical infrastructure in the United States. 

Cybersecurity researchers are calling attention to phishing campaigns that impersonate popular brands and trick targets into calling phone numbers operated by threat actors. “A significant portion of email threats with PDF payloads persuade victims to call adversary-controlled phone numbers, displaying another popular social engineering technique known as Telephone-Oriented Attack DeliveryRead More »Hackers Using PDFs to Impersonate Microsoft, DocuSign, and More in Callback Phishing Campaigns

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has levied sanctions against Russia-based bulletproof hosting (BPH) service provider Aeza Group to assist threat actors in their malicious activities and targeting victims in the country and across the world. The sanctions also extend to its subsidiaries AezaRead More »U.S. Sanctions Russian Bulletproof Hosting Provider for Supporting Cybercriminals Behind Ransomware

Unknown threat actors have been observed weaponizing v0, a generative artificial intelligence (AI) tool from Vercel, to design fake sign-in pages that impersonate their legitimate counterparts. “This observation signals a new evolution in the weaponization of Generative AI by threat actors who have demonstrated an ability to generate a functionalRead More »Vercel’s v0 AI Tool Weaponized by Cybercriminals to Rapidly Create Fake Login Pages at Scale