cybersecurity best practices. – Page 2

From Graham Cluley – VanHelsing ransomware: what you need to know

First reported earlier in March 2025, VanHelsing is a new ransomware-as-a-service operation. Read more in my article on the Tripwire State of Security blog. Read More

Samir K March 28, 2025

News

From Security Week – New Issuance Requirements Improve HTTPS Certificate Validation

[[{"value":"HTTPS certificate issuance now requires Multi-Perspective Issuance Corroboration and linting to improve validation. The post New Issuance Requirements Improve HTTPS Certificate Validation appeared first on SecurityWeek."}]] Read More

shaikh Saqib March 28, 2025

News

From The Hacker News – Nine-Year-Old npm Packages Hijacked to Exfiltrate API Keys via Obfuscated Scripts

Cybersecurity researchers have discovered several cryptocurrency packages on the npm registry that have been hijacked to siphon sensitive information such as environment variables from compromised systems. "Some of these packages have lived on npmjs.com for over 9 years, and provide legitimate functionality to blockchain developers," Sonatype researcher Ax Sharma said. "However, [...] the latest

shaikh Saqib March 28, 2025

News

From Cyber Security News – CISA Warns of Google Chrome Zero-day Vulnerability Exploited in the Wild

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent advisory regarding a critical zero-day vulnerability in Google Chrome that is actively being exploited in the wild. The vulnerability,…

shaikh Saqib March 28, 2025

News

From Dark Reading – Hoff’s Rule: People First

Dark Reading Confidential Episode 5: Christofer Hoff, chief secure technology officer at LastPass, shares the human side of the story of how he led his team through a major cyber…

shaikh Saqib March 28, 2025

News

From Security Week – UK Software Firm Fined £3 Million Over Ransomware-Caused Data Breach

[[{"value":"The UK ICO has fined Advanced Computer Software Group £3 million ($3.8 million) over a 2022 data breach resulting from a ransomware attack. The post UK Software Firm Fined £3…

shaikh Saqib March 27, 2025

News

From Dark Reading – Google Hastily Patches Chrome Zero-Day Exploited by APT

Researchers at Kaspersky discovered cyber-espionage activity that used the vulnerability in a one-click phishing attack to deliver malware. Read More

shaikh Saqib March 26, 2025

News

From The Hacker News – Sparring in the Cyber Ring: Using Automated Pentesting to Build Resilience

“A boxer derives the greatest advantage from his sparring partner…” — Epictetus, 50–135 AD Hands up. Chin tucked. Knees bent. The bell rings, and both boxers meet in the center and circle. Red throws out three jabs, feints a fourth, and—BANG—lands a right hand on Blue down the center. This wasn’t Blue’s first day and despite his solid defense in front of the mirror, he feels the pressure.

shaikh Saqib March 26, 2025

News

From The Hacker News – How PAM Mitigates Insider Threats: Preventing Data Breaches, Privilege Misuse, and More

When people think of cybersecurity threats, they often picture external hackers breaking into networks. However, some of the most damaging breaches stem from within organizations. Whether through negligence or malicious intent, insiders can expose your organization to significant cybersecurity risks. According to Verizon's 2024 Data Breach Investigations Report, 57% of companies experience over

shaikh Saqib March 26, 2025

News

From Dark Reading – 5 Considerations for a Data Loss Prevention Rollout

Strong DLP can be a game-changer — but it can also become a slow-moving, overcomplicated mess if not executed properly. Read More

shaikh Saqib March 25, 2025

News

From Security Week – Numotion Data Breach Impacts Nearly 500,000 People

[[{"value":"Email-related data breach suffered by wheelchair and other mobility equipment provider Numotion affects almost 500,000 individuals. The post Numotion Data Breach Impacts Nearly 500,000 People appeared first on SecurityWeek."}]] Read More

shaikh Saqib March 25, 2025

News

From Dark Reading – FBI Warns of Document Converter Tools Due to Uptick in Scams

The FBI's Denver field office says the tools will convert documents while also dropping malware and scraping users' systems for sensitive data. Read More

shaikh Saqib March 25, 2025

News

From The Hacker News – How to Balance Password Security Against User Experience

If given the choice, most users are likely to favor a seamless experience over complex security measures, as they don’t prioritize strong password security. However, balancing security and usability doesn’t have to be a zero-sum game. By implementing the right best practices and tools, you can strike a balance between robust password security and a frictionless user experience (UX). This article

shaikh Saqib March 24, 2025

Articles

From Graham Cluley – BlackLock ransomware: What you need to know

BlackLock has become a big deal, very quickly. It has been predicted to be one of the biggest ransomware-as-a-service operations of 2025. Read more in my article on the Tripwire…

Samir K March 21, 2025

Articles

From Graham Cluley – Supply-chain CAPTCHA attack hits over 100 car dealerships

A security researcher has discovered that the websites of over 100 car dealerships have been compromised in a supply-chain attack that attempted to infect the PCs of internet visitors. Read…

Samir K March 20, 2025