Gene Yoo, CEO of Resecurity on Terror Activity via Cyberspace – Precursor to Olympics & Elections

According to this recent assessment by Resecurity, terrorist groups are increasingly using cyberspace to plan and execute attacks, as well as to conduct recruitment and establish anonymous communication channels. According to assessment by Resecurity, terrorist groups are increasingly using cyberspace and digital communication channels to plan and execute attacks, as well as to conduct recruitment and establish anonymous…

Read More

Global Checkmarx study reveals 63% of participating organisations have fallen victim to a software supply chain attack in past 2 years

As open source software grows to represent an ever-increasing percentage of enterprise application code, application security (AppSec) leaders and developers are challenged to mitigate the risk of falling victim to the weaponization of such packages by threat actors. Reporting on current open source AppSec practices and problems, Checkmarx, the industry leader in cloud-native application security for…

Read More

Anshul Gupta; On Governance, Risk & Compliance

This interview has been attributed to Anshul Gupta Anshul S Gupta is a seasoned cybersecurity leader with over 18 years of experience. He has been recognized for his expertise in threat and incident management, security compliance, and risk management. Anshul has spearheaded strategic cybersecurity initiatives and complex cyber transformation projects across diverse industries.  Anshul has…

Read More

SAP AI Core Vulnerabilities Expose Customer Data to Cyber Attacks

Cybersecurity researchers have uncovered security shortcomings in SAP AI Core cloud-based platform for creating and deploying predictive artificial intelligence (AI) workflows that could be exploited to get hold of access tokens and customer data. The five vulnerabilities have been collectively dubbed SAPwned by cloud security firm Wiz. “The vulnerabilities we found could have allowed attackers to access customers’ data…

Read More

Cybersecurity researchers of CloudSEK uncover rise in Investment scams on Social media

Investment scams primarily operate through social media and messaging platforms like WhatsApp and Telegram. CloudSEK found a surge in malicious content on these platforms — over 29,000 fraudulent ads on Facebook and a 81,000 fake investment groups on WhatsApp. The report covers an in-depth report exposing a troubling rise in investment scams targeting individuals in…

Read More

Water Sigbin Hackers Exploit Oracle WebLogic Vulnerabilities

Cybersecurity researchers uncovered a sophisticated attack campaign by the Water Sigbin (aka 8220 Gang) threat actor that exploited vulnerabilities in the Oracle WebLogic Server, notably CVE-2017-3506 and CVE-2023-21839, to deploy the XMRig cryptocurrency miner on compromised systems.   The attack begins with the threat actor exploiting the WebLogic vulnerabilities to execute a malicious PowerShell script on the victim…

Read More

Fraudsters Increasingly using “Troll Factories” to Spread Deceptive Content on Social Media to Defraud Individuals: Shawn Loveland COO, Resecurity

Recently Securitydive interacted with Shawn Loveland COO of Resecurity who  emphasized the company’s commitment to making cybersecurity services accessible to everyday citizens who may not be fully aware of looming cyber threats. Loveland stated, “Cybercriminals often exploit the digital identities of children, women, and law-abiding individuals to commit cybercrimes and fraud, causing detrimental impacts on the…

Read More

Kaspersky Experts Identify New Ransomware using BitLocker to encrypt corporate data

Kaspersky has identified ransomware attacks using Microsoft’s BitLocker to attempt encryption of corporate files. The threat actors are using VBScript – a programming language used to automate tasks on Windows computers – to create a malicious script with previously unreported features to maximize the damage of the attack, Kaspersky Global Emergency Response team reports. The…

Read More

Misinformation and Hacktivist Campaigns Target The Philippines Amidst Rising Tensions With China

Amidst rising tensions with China in the South China Sea, Resecurity has observed a significant spike in malicious cyber activity targeting the Philippines in Q1 2024, increasing nearly 325% compared to the same period last year. The number of cyberattacks involving hacktivist groups and foreign misinformation campaigns has nearly tripled. In Q2 2024, this growth trajectory continues, with Resecurity observing multiple cyberattacks staged by previously unknown threat actors. These attacks are characterized by the…

Read More