A sprawling phishing-as-a-service (PhaaS) campaign that has been running since at least last summer is using more than 20,000 fake domains to target a wide range of organizations in more than 100 countries, illustrating the capabilities of an increasingly popular tool among threat actors. The unknown hackers are using a platform called “Darcula” (sic) that..

The post ‘Darcula’ PhaaS Campaign Sinks Fangs into Victims appeared first on Security Boulevard.

Emergency stop button: The Python Package Index was drowning in malicious code again, so they had to shut down registration for cleanup.

The post PyPI Goes Quiet After Huge Malware Attack: 500+ Typosquat Fakes Found appeared first on Security Boulevard.

With World Backup Day approaching, many organizations are increasing their attention to potential security threats and blindspots in their backup processes.

The post CRM Backup Trends to Watch on World Backup Day appeared first on Security Boulevard.

One in four industrial enterprises had to temporarily cease operations due to cyberattacks within the past year, suggesting operational technology must improve.

The post Industrial Enterprise Operational Technology Under Threat From Cyberattacks appeared first on Security Boulevard.

Rethink different: First, fatigue frightened users with multiple modal nighttime notifications. Next, call and pretend to be Apple support.

The post Apple OTP FAIL: ‘MFA Bomb’ Warning — Locks Accounts, Wipes iPhones appeared first on Security Boulevard.

The number of zero-day vulnerabilities that are exploited jumped in 2023, with enterprises becoming a larger target and spyware vendors and China-backed cyberespionage groups playing an increasingly bigger role, according to Google cybersecurity experts. In a report this week, researchers with Google’s Threat Analysis Group (TAG) and its Mandiant business said they saw 97 zero-day..

The post Google: Zero-Day Attacks Rise, Spyware and China are Dangers appeared first on Security Boulevard.

Checkmarx has integrated its platform for securing application development environments with Wiz's CNAPP.

The post Checkmarx Aligns With Wiz to Improve Application Security appeared first on Security Boulevard.

Just like pilot awareness is crucial during unexpected aviation events, cybersecurity's traditional focus on infrastructure needs to shift to more adept governance.

The post Cybersecurity Infrastructure Investment Crashes and Burns Without Governance appeared first on Security Boulevard.

Thousands of servers running AI workloads are under attack by threat actors exploiting an unpatched vulnerability in the open-source Ray AI framework – widely used by such companies as OpenAI, Uber, Amazon, Netflix, and Cohere – giving hackers entrée to huge amounts of data and compute power. The campaign has been ongoing for at least..

The post Hundreds of Clusters Attacked Due to Unpatched Flaw in Ray AI Framework appeared first on Security Boulevard.

Creating a security data fabric protects an organization’s investment in its security and other IT controls by identifying performance issues so they can be fixed.

The post How a Security Data Fabric Approach Can Transform the GRC Function appeared first on Security Boulevard.