Cybersecurity
Scattered Spider: Understanding Help Desk Scams and How to Defend Your Organization
In the wake of high-profile attacks on UK retailers Marks & Spencer and Co-op, Scattered Spider has been all over the media, with coverage spilling over into the mainstream news due to the severity of the disruption caused — currently looking like hundreds of millions in lost profits for M&S alone. This coverage is extremely…
U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams – Krebs on Security
Image: Shutterstock, ArtHead. The U.S. government today imposed economic sanctions on Funnull Technology Inc., a Philippines-based company that provides computer infrastructure for hundreds of thousands of websites involved in virtual currency investment scams known as “pig butchering.” In January 2025, KrebsOnSecurity detailed how Funnull was being used as a content delivery network that catered to…
Separating hype from reality: How cybercriminals are actually using AI
From boardroom conversations to industry events, “artificial intelligence” is the buzz phrase that’s reshaping how we collectively view the future of security. The perspectives are diverse, to say the least. Some insist that AI is a long overdue silver bullet, while others believe it will gradually destroy digital society as we know it. When it…
What is Security? | Definition from TechTarget
Security for information technology (IT) refers to the methods, tools and personnel used to defend an organization’s digital assets. The goal of IT security is to protect these assets, devices and services from being disrupted, stolen or exploited by unauthorized users, otherwise known as threat actors. These threats can be external or internal and malicious…
Fullscreen BitM Attack Discovered by SquareX Exploits Browser Fullscreen APIs to Steal Credentials in Safari
PALO ALTO, California, May 29th, 2025, CyberNewsWire Today, SquareX released new threat research on an advanced Browser-in-the-Middle (BitM) attack targeting Safari users. As highlighted by Mandiant, adversaries have been increasingly using BitM attacks to steal credentials and gain unauthorized access to enterprise SaaS apps. BitM attacks work by using a remote browser to trick victims…
Infosec products of the month: May 2025 – Help Net Security
Here’s a look at the most interesting products from the past month, featuring releases from: Anchore, BalkanID, Cyble, groundcover, Hunted Labs, LogicGate, McAfee, Obsidian Security, Outpost24, PentestPad, ProcessUnity, Resecurity, Searchlight Cyber, SecuX, ServiceNow, ThreatMark, and Verosint. New MCP server from groundcover redefines LLM observability A new MCP server, faster than any other on the market,…
Beyond the kill chain: What cybercriminals do with their money (Part 5)
Content warning: Because of the nature of some of the activities we discovered, this series of articles contains content that some readers may find upsetting. This includes profanity and references to drugs, drug addiction, gambling, pornography, violence, arson, and sex work. These references are textual only and do not include images or videos. Having explored…
Don’t give your personal data to fraudsters: Dodging Docusign scam emails
Cybercriminals impersonate the trusted e-signature brand and send fake Docusign notifications to trick people into giving away their personal or corporate data 27 May 2025 • , 5 min. read Remember when you used to have to print, sign, scan, email and/or even fax every time you wanted to sign and send an official document?…
AI Agents and the Non‑Human Identity Crisis: How to Deploy AI More Securely at Scale
Artificial intelligence is driving a massive shift in enterprise productivity, from GitHub Copilot’s code completions to chatbots that mine internal knowledge bases for instant answers. Each new agent must authenticate to other services, quietly swelling the population of non‑human identities (NHIs) across corporate clouds. That population is already overwhelming the enterprise: many companies now juggle at…
Die wertvollsten Security-Zertifizierungen
Zertifizierte IT-Sicherheitsprofis sind (unter anderem) gefragter und verdienen besser. Gorodenkoff | shutterstock.com (Cybersecurity-)Zertifizierungen können eine aktienähnliche Volatilität entfalten: Ihre Popularität kann steigen oder auch fallen – und sie können an Relevanz verlieren, wenn sie nicht mit den aktuellen Branchenentwicklungen Schritt halten. Allerdings sind davon nicht alle Zertifizierungen gleichermaßen betroffen: Sogenannte “Blue Chips” haben sich über…