Archives

What is the difference between incident response & threat hunting?

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  When it comes to protecting data in an evolving threat landscape, two common strategies are at the forefront: incident response and threat hunting. […]

Navigating the Cyber Insurance landscape as a Gen Z digital citizen

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  In the modern world, cybersecurity and cyber insurance go hand in hand. As we head into the future and the presence of AI […]

RedEnergy Stealer-as-a-Ransomware Threat Targeting Energy and Telecom Sectors

A sophisticated stealer-as-a-ransomware threat dubbed RedEnergy has been spotted in the wild targeting energy utilities, oil, gas, telecom, and machinery sectors in Brazil and the Philippines through their LinkedIn pages. The malware “possesses the ability to steal information from various browsers, enabling the exfiltration of sensitive data, while also incorporating different modules for

Secrets, Secrets Are No Fun. Secrets, Secrets (Stored in Plain Text Files) Hurt Someone

Secrets are meant to be hidden or, at the very least, only known to a specific and limited set of individuals (or systems). Otherwise, they aren’t really secrets. In personal life, a secret revealed can damage relationships, lead to social stigma, or, at the very least, be embarrassing. In a developer’s or application security engineer’s […]

Node.js Users Beware: Manifest Confusion Attack Opens Door to Malware

The npm registry for the Node.js JavaScript runtime environment is susceptible to what’s called a manifest confusion attack that could potentially allow threat actors to conceal malware in project dependencies or perform arbitrary script execution during installation. “A npm package’s manifest is published independently from its tarball,” Darcy Clarke, a former GitHub and npm engineering manager

Instagram’s Twitter Alternative ‘Threads’ Launch Halted in Europe Over Privacy Concerns

Instagram Threads, the upcoming Twitter competitor from Meta, will not be launched in the European Union due to privacy concerns, according to Ireland’s Data Protection Commission (DPC). The development was reported by the Irish Independent, which said the watchdog has been in contact with the social media giant about the new product and confirmed the release won’t […]

Fake reviewers face big fines

The FTC is cracking down on fake reviews. Under the new proposed rules, organisations involved in the buying, selling, and manipulation of reviews could be very much out of pocket. Every time a consumer sees a fake review, it will carry a fine of “up to $50,000” per viewing. From the FTC release: Our proposed rule […]

Elderly targeted in car accident scam, kingpin arrested

The head of a criminal network responsible for defrauding hundreds of elderly people has been arrested, Europol has announced. After a joint operation in Germany, Poland, and the UK, Europol says the suspect was arrested in London from where he ran a network of fraudsters targeting mainly German and Polish citizens. Europol estimates that the overall […]