Hacking

AI may be ushering in a new breed of malicious threat actors who know even less about hacking than script kiddies but can produce professional-grade hacking tools.

A call for organizations to take quantum security seriously has been sounded in a new report by Forrester Research. The hype and interest around quantum is real because hackers are already using the “harvest now, decrypt later" approach, the report noted.

The Shadowserver Foundation reports that the campaign, which has been ongoing since January, involves as many as 2.8 million IP addresses daily, targeting VPN devices, firewalls, and gateways from vendors like Palo Alto Networks, Ivanti, and SonicWall.

Experts predict new threats, expanded attack surfaces, and the critical need for secure and responsible AI adoption as it reshapes cybersecurity strategies in 2025.

The campaign discovered by Zimperium zLabs targets Android mobile phones and aims to distribute a variant of the Antidot banking trojan that the researchers have dubbed AppLite Banker.

A new discipline, machine learning security operations (MLSecOps), has emerged to provide a foundation for robust AI security. Let’s explore five foundational categories within MLSecOps.

Deception is critical to the malevolent activity of Black Hat hackers, but, as Microsoft recently showed, it can also be a powerful weapon against those hackers.

These attacks present broader risks that can impact critical infrastructure such as health care systems, autonomous vehicles, financial markets, national security, and military applications.

Cybersecurity experts and government officials have long supported the policy of not paying ransoms due to its potential to curb criminal activity and reduce attacks. Paying ransoms is risky and unreliable and does not guarantee that cybercriminals will restore access or decrypt files.

By offering pre-packed, plug-and-play malware, the MaaS market has enabled even inexperienced attackers to carry out potentially disruptive attacks regardless of their skill level or technical ability.

The US$75 million payment made to the Dark Angels ransomware group was discovered by Zscaler's security research arm ThreatLabz earlier this year.

Security risk management software firm Panorays shed new light on the worsening network security problems workers cause. This internal threat occurs when employees use their organization's network to experiment with generative AI and other AI tools.

Cat-phishing, using a popular Microsoft file transfer tool to become a network parasite, and bogus invoicing are among the notable techniques cybercriminals deployed during the first three months of 2024, according to the quarterly HP Wolf Security Threat Insights Report.

To effectively counteract the sophisticated threats posed by deepfake technologies, organizations must enhance their identity and access management systems with the latest advancements in detection and encryption technologies. This proactive approach will not only reinforce the security of biometric...