Tips for Securing the Software Supply Chain
“Software supply chain attacks are at the top of all CISOs’ minds,” says ReliaQuest CISO Jeff Music. Music attributes the popularity of software supply chain attacks to the fact that these attacks are relatively easy to conduct and have a significant payoff for the attacker. “This is especially the case if the vulnerable hardware or…
Boat Dealer MarineMax Confirms Data Breach 
The company disclosed the incident in a regulatory filing on March 10, when it admitted that the attack caused some disruption and involved unauthorized access to some of its IT systems. However, MarineMax said at the time that the breached environment did not store any sensitive data. Roughly 10 days later, the Rhysida ransomware group…
Cybersecurity Threats Intensify in the Middle East During Ramadan
The holy month of Ramadan is a period where Middle East-based companies step up cybersecurity with extra vigilance and outsourced support amid shortened working hours and increased e-commerce activity. The ninth month of the Muslim calendar is observed around the world as followers take the time to reflect and practice fasting, and cybersecurity teams often…
Massive Phishing Campaign Strikes Latin America: Venom RAT Targeting Multiple Sectors
The threat actor known as TA558 has been attributed to a new massive phishing campaign that targets a wide range of sectors in Latin America with the goal of deploying Venom RAT. The attacks primarily singled out hotel, travel, trading, financial, manufacturing, industrial, and government verticals in Spain, Mexico, United States, Colombia, Portugal, Brazil, Dominican…
PyPI Halts Sign-Ups Amid Surge of Malicious Package Uploads Targeting Developers
The maintainers of the Python Package Index (PyPI) repository briefly suspended new user sign-ups following an influx of malicious projects uploaded as part of a typosquatting campaign. It said “new project creation and new user registration” was temporarily halted to mitigate what it said was a “malware upload campaign.” The incident was resolved 10 hours…
Japan Runs Inaugural Cyber Defense Drills With Pacific Island Nations
Japan held cyber defense exercises with five Pacific island nations last month in an effort to shore up cybersecurity defenses in the region. The cybersecurity exercise event, held in Guam in mid-February, was a first for Japan. Japan’s Ministry of Internal Affairs and Communications led the event, which included government officials and network providers from…
Key Lesson from Microsoft’s Password Spray Hack: Secure Every Account
In January 2024, Microsoft discovered they’d been the victim of a hack orchestrated by Russian-state hackers Midnight Blizzard (sometimes known as Nobelium). The concerning detail about this case is how easy it was to breach the software giant. It wasn’t a highly technical hack that exploited a zero-day vulnerability – the hackers used a simple…
The UK’s Online Safety Act: a breakdown of key changes
The UK’s long-awaited Online Safety Act has finally come into force, bringing with it a raft of new digital offences. We have written about the Act a few times in the past, so here is a quick rundown of what has changed now it has become law. Cyberflashing is outlawed According to research, 76% of…
3 Ways Businesses Can Overcome the Cybersecurity Skills Shortage
Globally, cybersecurity threats continue to accelerate in pace and scale with rising malware and deepfake attacks. Over a third of organizations worldwide suffered a material cyber incident from malicious actors in the past year, while 73% were affected by ransomware attacks in 2023. With these cyberattacks come serious financial costs — global damages total an…
Demystifying a Common Cybersecurity Myth
One of the most common misconceptions in file upload cybersecurity is that certain tools are “enough” on their own—this is simply not the case. In our latest whitepaper OPSWAT CEO and Founder, Benny Czarny, takes a comprehensive look at what it takes to prevent malware threats in today’s ever-evolving file upload security landscape, and a…
