by Beck Bailey | Apr 21, 2023 | RSS
Iranian APT hacking group MuddyWater has been observed using SimpleHelp, a legitimate remote device control and management tool, to ensure persistence on victim devices. SimpleHelp itself, as used by the threat actors, has not been compromised — instead, the group has...
by Beck Bailey | Apr 21, 2023 | RSS
With Neosec acquisition, Akamai gains capabilities around API visibility, a security challenge for organizations, many of which have hundreds of integrated applications. The post API security becoming C-level cybersecurity concern appeared first on...
by Beck Bailey | Apr 21, 2023 | RSS
A report by GitLab finds that AI and ML in software development workflows show promise, but challenges like toolchain complexity and security concerns persist. The post DevSecOps: AI is reshaping developer roles, but it’s not all smooth sailing appeared first on...
by Beck Bailey | Apr 21, 2023 | RSS
A large-scale attack campaign discovered in the wild has been exploiting Kubernetes (K8s) Role-Based Access Control (RBAC) to create backdoors and run cryptocurrency miners. “The attackers also deployed DaemonSets to take over and hijack resources of the K8s...
by Beck Bailey | Apr 21, 2023 | RSS
Cybersecurity researchers have disclosed details of a now-patched zero-day flaw in Google Cloud Platform (GCP) that could have enabled threat actors to conceal an unremovable, malicious application inside a victim’s Google account. Dubbed GhostToken by Israeli...
Recent Comments