Infosecurity Magazine

The rapid adoption of cloud platforms has increased the risk of identity-based attacks, putting critical systems and data at risk. On March 27, join SSH Communications Security for a webinar where an expert panel will discuss why modernizing PAM strategies is essential in the face of evolving cloud threats. The session will cover how PAM can strengthen security, support enterprise needs, and drive ROI. Register now: https://bit.ly/3D1xRoS

The rise of AI-driven threats means organizations can no longer rely solely on traditional defense strategies. Attackers are leveraging AI to automate, scale, and refine their tactics—making prevention-first security models not just important, but essential. AI isn’t just part of the problem; it’s also part of the solution. As threats grow more complex and adaptive, organizations must harness AI’s power to stay ahead while remaining vigilant against the very technology cybercriminals are weaponizing. Read more in this article by Everfox: https://lnkd.in/etZc_YPK

Stolen credentials are widely traded on the dark web, providing cybercriminals with a direct route into organizations’ systems, data and resources. Because credentials offer the easiest method of initial access, hackers prioritize them as a key tool for infiltration. Once compromised, they can be used to deploy malware, commit identity theft, conduct financial fraud and carry out advanced persistent threats. Read more in this article by Outpost24: https://bit.ly/4boiByZ

The average fix time for software security vulnerabilities has risen to 8.5 months, according to Veracode’s latest State of Software Security report. ?? This represents a 47% increase over the past five years and a 327% increase compared to 15 years ago. Additionally, half of all organizations have critical security debt – defined as accumulated high-severity vulnerabilities left open for longer than a year. ?? Read our article to learn more about Veracode's report: https://bit.ly/3XnW4N7

In the summer of 2024, TeamViewer fell victim to a cyber-attack by Russian APT group Midnight Blizzard. Leading the response was Robert Haist, TeamViewer’s CISO, along with his team of 35 cybersecurity professionals. They swiftly contained the threat and turned the incident into an opportunity to enhance security measures across the organization. In a recent conversation with Infosecurity, Haist detailed how TeamViewer responded to the attack, how cybersecurity is integrated into product development, and the biggest challenges facing the industry today. Read the full interview here: https://bit.ly/4ijVLuK

Researchers at Forescout Technologies Inc. have found that Silver Fox, a recently identified Chinese-backed hacking group, was exploiting Philips Digital DICOM viewers, medical imaging software applications designed to display and analyze medical images, such as X-rays, CT scans, MRI scans and ultrasounds. Once installed, the malware drops ValleyRAT, a backdoor that gives attackers full control of victim computers, potentially opening doors into sensitive hospital networks. ?? Read the full story here: https://bit.ly/4kpPFL0

Third-party vendors remain a significant source of vulnerabilities that can lead to breaches and cyber-attacks. According to Grand View Research, Incearch, the global third-party risk management market was valued at $7.42 billion in 2023 and is projected to grow at a 15.7% CAGR through 2030. As cyber threats from external partners continue to rise, organizations must take proactive steps to mitigate these risks. Read more in this article by Travelers: https://bit.ly/4i7iAlF

Marnie Wilking stepped into the role of Chief Security Officer (CSO) at Booking.com in 2023, bringing with her three decades of security expertise. Her focus is on integrating security with business strategy while tackling the complexities of safeguarding a global marketplace. In an interview with Infosecurity, she shared insights into the challenges of protecting a platform that serves millions worldwide and explored how AI is playing a crucial role in strengthening defenses against evolving cyber threats. Read the full interview here: https://bit.ly/43amSnJ

In a new report, Proofpoint uncovered a brand-new infostealer targeting macOS environments called FrigidStealer. This malware is deployed in campaigns involving TA569 (aka Mustard Tempest, Gold Prelude, Purple Vallhunda), a prolific threat actor primarily known for its deployment of website injections leading to a JavaScript payload known as FakeUpdates/SocGholish. Proofpoint also revealed two new groups linked to TA569, TA2726 and TA2727. The security firm assessed with high confidence that TA2726 acts as a traffic distribution service provider for TA569 and TA2727, with some campaigns previously attributed to TA569 now reattributed to TA2726 and TA2727. Learn more about FrigidStealer deployment and TA2726’s and TA2727’s TTPs here: https://bit.ly/4hNbTVN

Some of the most sensitive corporate and military networks in the US could be at risk of compromise after researchers revealed widespread credential theft via infostealer malware. Hudson Rock said its analysis of cybercrime marketplaces revealed compromised credentials for sale from Lockheed Martin, Boeing and Honeywell as well as the US Army and Navy, the FBI and the Government Accountability Office (GAO). Learn more about this threat here: https://bit.ly/4bexJ28