Tag: infosec

Qilin ransomware top dogs treat their minions to on-call lawyers for fierier negotiations

Jun 20, 2025 8:36 PM

Tags: infosec, ransomware

It’s a marketing move to lure more affiliates, says infosec veteran First seen on theregister.com Jump to article: www.theregister.com/2025/06/20/qilin_ransomware_top_dogs_treat/
New infosec products of the week: June 20, 2025

Jun 20, 2025 6:35 AM

Tags: ai, infosec

Here’s a look at the most interesting products from the past week, featuring releases from BigID, Dashlane, Sumsub, and Jumio. Dashlane’s AI model alerts businesses to … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/20/new-infosec-products-of-the-week-june-20-2025/
Malicious Payload Found in JPEG Image Using Steganography and Base64 Obfuscation

Jun 16, 2025 8:54 PM

Tags: cyber, cybersecurity, data, infosec, malicious, threat

Cybersecurity enthusiast Xavier shed light on a sophisticated method of hiding malicious payloads within seemingly innocuous JPEG images. This discovery has sparked significant interest in the infosec community, as it highlights the growing complexity of cyber threats leveraging steganography the art of concealing data within other data. Through dynamic analysis, researchers can uncover these hidden…
‘Water Curse’ Targets Infosec Pros Via Poisoned GitHub Repositories

Jun 16, 2025 7:54 PM

Tags: attack, github, group, infosec, supply-chain, threat, tool

The emerging threat group attacks the supply chain via weaponized repositories posing as legitimate pen-testing suites and other tools that are poisoned with malware. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/water-curse-targets-cybersecurity-pros-github-repos
Wanted: Junior cybersecurity staff with 10 years’ experience and a PhD

Jun 13, 2025 3:54 PM

Tags: cybersecurity, infosec

Infosec employers demanding too much from early-career recruits, says ISC2 First seen on theregister.com Jump to article: www.theregister.com/2025/06/13/infosec_employers_demanding_too_much/
New infosec products of the week: June 13, 2025

Jun 13, 2025 6:57 AM

Tags: infosec

Here’s a look at the most interesting products from the past week, featuring releases from Contrast Security, Cymulate, Lemony, SpecterOps, Thales, and Vanta. Lemony mitigates … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/13/new-infosec-products-of-the-week-june-13-2025/
InfoSec distribution panel: The value of expertise

Jun 6, 2025 7:55 PM

Tags: infosec

At security industry show InfoSec, executives from a number of distributors shared their views on the benefits they offer to partners and vendors First seen on computerweekly.com Jump to article: www.computerweekly.com/microscope/news/366625553/InfoSec-distribution-panel-the-value-of-expertise
New infosec products of the week: June 6, 2025

Jun 6, 2025 6:54 AM

Tags: fortinet, infosec, network

Here’s a look at the most interesting products from the past week, featuring releases from Akamai, AttackIQ, Barracuda Networks, Bitdefender, Fortinet, Malwarebytes, and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/06/new-infosec-products-of-the-week-june-6-2025/
Getting the Most Value Out of the OSCP: After the Exam

Jun 2, 2025 10:54 PM

Tags: access, attack, automation, bug-bounty, business, cloud, compliance, conference, control, corporate, credentials, cyber, cybersecurity, data, data-breach, defense, detection, exploit, finance, flaw, framework, google, governance, group, guide, hacker, hacking, incident response, infosec, injection, intelligence, Internet, iran, jobs, kali, linkedin, linux, malicious, malware, microsoft, mobile, network, office, open-source, penetration-testing, powershell, privacy, RedTeam, reverse-engineering, risk, service, skills, soc, social-engineering, sql, strategy, stuxnet, technology, threat, tool, training, update, vulnerability, windows

In the final post of this series, I’ll discuss what to do after your latest exam attempt to get the most value out of your OSCP journey. DISCLAIMER: All opinions expressed in this article are solely my own. I have reviewed the content to ensure compliance with OffSec’s copyright policies and agreements. I have not been…
Infosec products of the month: May 2025

May 30, 2025 6:55 AM

Tags: infosec

Here’s a look at the most interesting products from the past month, featuring releases from: Anchore, BalkanID, Cyble, groundcover, Hunted Labs, LogicGate, McAfee, Obsidian … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/05/30/infosec-products-of-the-month-may-2025/
Cybersecurity Insights with Contrast CISO David Lindner – 05/23/25

May 24, 2025 12:55 AM

Tags: access, attack, ciso, control, cybersecurity, finance, infosec, jobs, monitoring, threat
DeepTempo Wins Global InfoSec Award for Advanced Threat Identification

May 23, 2025 9:55 PM

Tags: access, cloud, conference, cyber, cybersecurity, defense, detection, infosec, mitre, soc, threat

It’s been a few weeks since the marketing excesses of the RSA Conference, and a quick glance at any day’s headlines confirms: attackers are collaborating and innovating faster than defenders can keep up. DeepTempo empowers security teams with purpose-built deep learning to detect threats earlier, streamline SOC workflows, and boost overall cyber resilience. While at…
CISA says SaaS providers in firing line after Commvault zero-day Azure attack

May 23, 2025 7:55 PM

Tags: attack, cisa, infosec, saas, zero-day

Cyberbaddies are coming for your M365 creds, US infosec agency warns First seen on theregister.com Jump to article: www.theregister.com/2025/05/23/cisa_commvault_zero_day/
New infosec products of the week: May 23, 2025

May 23, 2025 6:54 AM

Tags: infosec, threat

Here’s a look at the most interesting products from the past week, featuring releases from Anchore, Cyble, Outpost24, and ThreatMark. Outpost24 simplifies threat analysis with … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/05/23/new-infosec-products-of-the-week-may-23-2025/
New infosec products of the week: May 16, 2025

May 16, 2025 6:54 AM

Tags: infosec

Here’s a look at the most interesting products from the past week, featuring releases from Hunted Labs, McAfee, Obsidian Security, PentestPad, Resecurity, and SecuX. … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/05/16/new-infosec-products-of-the-week-may-16-2025/
Keyfactor übernimmt Infosec Global und Cipher Insights, um Marktführer im Bereich quantenresistente Sicherheit zu werden

May 15, 2025 5:54 PM

Tags: infosec, risk

Keyfactor gibt die Übernahme von Infosec Global, einem führenden Anbieter im Bereich kryptografisches Posture-Management, und von Cipher Insights, einer fortschrittlichen Lösung zur Aufspürung kryptografischer Risiken des Unternehmens Quantum Xchange, bekannt. Mit den strategischen Übernahmen positioniert sich Keyfactor als Marktführer in den Bereichen digitales Vertrauen und Quantenbereitschaft. Das Unternehmen führt die umfassendsten Lösungen zur Aufspürung und…
CISA Reverses Decision on Cybersecurity Advisory Changes

May 14, 2025 4:38 PM

Tags: advisory, cisa, cybersecurity, infosec

CISA paused plans to overhaul its advisory system after backlash from the infosec community First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/cisa-reverses-decision-advisory/
Keyfactor Bolsters Quantum Readiness With Dual Acquisitions

May 13, 2025 4:38 PM

Tags: automation, infosec

Real-Time, Deep Cryptographic Discovery Added to Certificate Automation Portfolio. Keyfactor is acquiring CipherInsights and InfoSec Global in a move designed to shift cryptographic security earlier in the lifecycle. The acquisitions offer real-time and deep discovery capabilities to help customers identify and remediate cryptographic weaknesses ahead of quantum disruption. First seen on govinfosecurity.com Jump to article:…
New infosec products of the week: May 9, 2025

May 9, 2025 7:10 AM

Tags: ai, cyber, infosec

Here’s a look at the most interesting products from the past week, featuring releases from ProcessUnity, Searchlight Cyber, ServiceNow, and Verosint. ServiceNow unveils AI … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/05/09/new-infosec-products-of-the-week-may-9-2025/
Top tips for successful threat intelligence usage

May 6, 2025 8:50 AM

Tags: ai, attack, automation, cloud, computing, data, ddos, detection, exploit, firewall, group, guide, incident response, infosec, infrastructure, intelligence, law, mitigation, network, phishing, siem, skills, soar, software, threat, tool, update, vulnerability, vulnerability-management

Make sure you don’t have more intel than you need: Next is the matching phase: the most sophisticated TIP may be overkill if you have a small infosec department with limited skills or have a relatively simple computing environment. According to this 2025 report from Greynoise, threat feeds must match your own environment in terms…
Seceon Wins Three Global Infosec Awards at RSAC 2025

May 5, 2025 6:49 PM

Tags: cybersecurity, edr, infosec, service, tool

At Seceon, we’ve always believed that solving cybersecurity isn’t about adding more tools but building smarter ones. That belief was validated in a big way this year at RSAC 2025, where we proudly took home three Global Infosec Awards. ðŸ† Best Comprehensive Cybersecurity PlatformðŸ† Best SMB Managed Security Services Platform (for aiSecurity-CGuard)ðŸ† Best XDR Platform…
RSAC 2025: Ex-CISA head Krebs defiantly urges infosec community to keep up the good fight

May 2, 2025 10:50 PM

Tags: cisa, infosec

First seen on scworld.com Jump to article: www.scworld.com/news/rsac-2025-ex-cisa-head-krebs-defiantly-urges-infosec-community-to-keep-up-the-good-fight
BSidesLV24 Proving Ground You Can Be Neurodivergent And Succeed In InfoSec

May 2, 2025 9:50 PM

Tags: conference, infosec

Author/Presenter: Randall Wyatt Our sincere appreciation to BSidesLV, and the Presenters/Authors for publishing their erudite Security BSidesLV24 content. Originating from the conference’s events located at the Tuscany Suites & Casino; and via the organizations YouTube channel. Permalink First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/05/bsideslv24-proving-ground-you-can-be-neurodivergent-and-succeed-in-infosec/
What is EDR? An analytical approach to endpoint security

May 2, 2025 11:50 AM

Tags: access, android, antivirus, api, attack, automation, breach, cloud, corporate, data, defense, detection, edr, email, endpoint, firewall, incident response, infection, infosec, infrastructure, intelligence, Intruder, linux, macOS, malicious, malware, network, service, siem, soar, software, threat, tool, training

EDR vs. antivirus: What’s the difference?: Antivirus software has similar goals to EDR, in that it aims to block malware from installing on and infecting endpoints (usually user PCs). The difference is that antivirus spots malicious activity by trying to match it to signatures, known patterns of code execution or behavior that the security community…
Infosec products of the month: April 2025

May 2, 2025 6:50 AM

Tags: ai, infosec, network

Here’s a look at the most interesting products from the past month, featuring releases from: 1touch.io, Abnormal AI, AppViewX, Arctic Wolf Networks, Bitdefender, BitSight, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/05/02/infosec-products-of-the-month-april-2025/
Infosec pros tell Trump to quit bullying Chris Krebs it’s undermining security

Apr 29, 2025 3:51 PM

Tags: defense, infosec, risk

Top voices warn that political retaliation puts democracy and national defense at risk First seen on theregister.com Jump to article: www.theregister.com/2025/04/29/infosec_trump_krebs_letter/
Cybersecurity leaders decry ‘political persecution’ of Chris Krebs in a letter to the President

Apr 29, 2025 2:52 PM

Tags: cybersecurity, infosec, jobs, law

Demand for immediate action: The letter concluded with a specific petition for the Trump Administration to immediately take two actions: reinstate the security clearances of SentinelOne employees and rescind the order to the Department of Justice investigating Krebs.”An independent infosec community is fundamental to protecting our democracy, and to the profession itself,” the letter asserted.…
New infosec products of the week: April 25, 2025

Apr 25, 2025 6:51 AM

Tags: cyber, infosec

Here’s a look at the most interesting products from the past week, featuring releases from Bitdefender, PowerDMARC, Skyhawk Security, Stellar Cyber, Swimlane, and Veracode. … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/04/25/new-infosec-products-of-the-week-april-25-2025/
Lesson from huge Blue Shield California data breach: Read the manual

Apr 25, 2025 5:50 AM

Tags: access, api, banking, breach, ciso, cloud, compliance, control, credit-card, data, data-breach, email, finance, google, group, infosec, insurance, mitigation, privacy, risk, service, software, threat, training

read the documentation of any third party service you sign up for, to understand the security and privacy controls;know what data is being collected from your organization, and what you don’t want shared.”It’s important to understand these giant platforms make it easy for you to share your data across their various services,” he said. “So…
Oracle hopes talk of cloud data theft dies off. CISA just resurrected it for Easter

Apr 18, 2025 7:28 PM

Tags: cisa, cloud, data, infosec, oracle, theft

Some in the infosec world definitely want to see Big Red crucified First seen on theregister.com Jump to article: www.theregister.com/2025/04/18/oracle_cisa_advisory/