Legion AWS credential harvester and hijacker analyzed

Researchers from Cado Labs recently encountered an update to the emerging cloud-focused malware family, Legion. This sample iterates upon the credential harvesting features of its predecessor, with a continued emphasis on exploiting PHP web applications. In this Help Net Security video, Matt Muir, Threat Intelligence Researcher at Cado Security, overviews Legion’s cloud-specific functionality. The post […]

Continue Reading

How to avoid shadow AI in your SOC

Samsung’s recent discovery that employees had uploaded sensitive code to ChatGPT should serve as a reminder for security leaders to tread carefully when it comes to integrating new artificial intelligence tools throughout their organizations. Shadow AI Employees are using the new family of generative AI tools like ChatGPT whether they’re allowed to or not. Research […]

Continue Reading

CISO-level tips for securing corporate data in the cloud

The presence of each third-party application increases the potential for attacks, particularly when end users install them without proper oversight or approval. IT security teams face challenges in obtaining comprehensive knowledge about the apps connected to their corporate SaaS platforms, including their permissions and activities. In this Help Net Security video, Matt Radolec, Senior Director, […]

Continue Reading

Navigating the quantum leap in cybersecurity

In this Help Net Security interview, we sit down with Dr. Atsushi Yamada, the newly appointed CEO of ISARA, a security solutions company specializing in creating quantum-safe cryptography. With over two decades of experience in cryptography and cybersecurity, Dr. Yamada discusses his vision for ISARA and shares his insights on the critical role of post-quantum […]

Continue Reading

Simple OSINT techniques to spot AI-fueled disinformation, fake reviews

Error messages that ChatGPT and other AI language models generate can be used to uncover disinformation campaigns, hate speech and fake reviews via OSINT collection and analysis, says Nico Dekens, director of intelligence at ShadowDragon. AI-generated content found via Google (Source: ShadowDragon) Uncovering AI-generated content through OSINT Dekens has recently tried to pinpoint specific indicators […]

Continue Reading

7 access management challenges during M&A

Integrating an acquired company into a single organization is a daunting task that can take weeks, months, or even years to complete. To have a successful conclusion to the mergers and acquisitions (M&As) process, identity and access management (IAM) teams need time to prepare, test, and communicate with users to ensure the process goes as […]

Continue Reading

Gap between OT security assumptions and reality

In the fast-evolving landscape of technology and connectivity, ensuring the security of operational technology (OT) systems has become a paramount concern for organizations worldwide. In this Help Net Security video, Daniel Bren, CEO at OTORIO, discusses a significant discrepancy between how companies perceive their OT security posture and the harsh reality they often face. The […]

Continue Reading

Vulnerability in Zyxel firewalls may soon be widely exploited (CVE-2023-28771)

A recently fixed command injection vulnerability (CVE-2023-28771) affecting a variety Zyxel firewalls may soon be exploited in the wild, Rapid7 researchers have warned, after publishing a technical analysis and a script that triggers the vulnerability and achieves a reverse root shell. About CVE-2023-28771 CVE-2023-28771 affects: Zyxel APT, USG FLEX, and VPN firewalls running versions v4.60 […]

Continue Reading