Author: HackWatchit
Look at any article with advice about best practices for cybersecurity, and about third or fourth on that list, you’ll find something about applying patches and updates quickly and regularly. Patching for known vulnerabilities is about as standard as it gets for good cybersecurity hygiene, right up there with using multi-factor authentication and thinking before you click on links in emails from unknown senders. So imagine my surprise when attending Qualys QSC24 in San Diego to hear a number of conference speakers say that patching shouldn’t be an automatic reaction. In fact, they say, there are times when it is…
Authored by Anuradha, Sakshi Jaiswal. In 2024, scams in India have continued to evolve, leveraging sophisticated methods and technology to exploit unsuspecting individuals. These fraudulent activities target people across demographics, causing financial losses and emotional distress. This blog highlights some of the most prevalent scams this year, how they operate, some real-world scenarios, tips to stay vigilant and what steps to take if you become a victim. This blog covers the following scams: WhatsApp Scam, Instant Loan Scam, Voice Cloning Scam, Credit Card Scam, Fake Delivery Scam, Digital Arrest Scam. 1. WhatsApp Scam: Scam Tactics: Fraudsters on WhatsApp employ deceptive…
At the S4x25 event, Dale Peterson sat down with Paul Griswold, former chief product officer at Honeywell, for an engaging fireside chat that delved into the state of industrial control systems (ICS) security. The conversation provided candid insights into the progress made, ongoing challenges, and future directions for vendors, integrators, and asset owners within the ICS landscape. Opening thoughts: Reflecting on industry progress Peterson opened the discussion by highlighting Griswold’s recent transition from Honeywell, noting the value of candid insights that often come after leaving corporate roles. The duo set the tone for an honest evaluation of ICS security, steering…
Security Analyst, Malware Researcher, New Technology Researcher Evangelist. This blog post is aimed at the intermediate level learner in the fields of data science and artificial intelligence. If you would like to read up on some fundamentals, here is a list of useful resources. Large Language Models: Generative large language models (LLMs) based on the transformer architecture have become a very popular technology in natural language processing (NLP). As most readers are aware, there are many popular public LLMs out there which are used daily via a web-based or JSON RESTful API interface. Some examples are: ChatGPT (OpenAI) Gemini (Google)…
Key Findings We’re thrilled to unveil our latest threat landscape report for the finance and insurance sector, offering in-depth analysis of the evolving cyber threats facing this industry. In this blog, we’ll preview the report’s highlights and give insights into social engineering campaigns leveraging impersonating domains and our predictions for the threats shaping 2025. Phishing Remains Top Tactic, Fueled by Teams Abuse Figure 1: Top attack techniques in true-positive customer incidents for finance & insurance sector, H2 2024 vs H2 2023 Phishing dominated cyber attacks in H2 2024, accounting for over 90% of incidents across industries due to its simplicity…
Ivanti has released security updates for Ivanti Connect Secure (ICS), Ivanti Policy Secure (IPS), and Ivanti Secure Access Client (ISAC) to address multiple vulnerabilities, including three critical severity problems. The company learned about the flaws through its responsible disclosure program from security researchers at CISA and Akamai, and through the HackerOne bug bounty platform. Ivanti notes in the security bulletin that it received no reports about any of the issues being actively exploited in the wild. However, it recommends that users install the security updates as soon as possible. The three critical security vulnerabilities Ivanti patched are the following:…
North Korea-linked APT Emerald Sleet is using a new tactic Pierluigi Paganini February 12, 2025 Microsoft Threat Intelligence has observed North Korea-linked APT Emerald Sleet using a new tactic, tricking targets into running PowerShell. Microsoft Threat Intelligence researchers spotted North Korea-linked threat actor Emerald Sleet (also known as Kimsuky and VELVET CHOLLIMA) using a new tactic. They are tricking targets into running PowerShell as an administrator and executing code provided by the attacker. Kimsuky cyberespionage group (aka ARCHIPELAGO, Black Banshee, Thallium, Velvet Chollima, APT43) was first spotted by Kaspersky researchers in 2013. The group works under the control of the Reconnaissance General Bureau (RGB) foreign intelligence…
Palo Alto, USA, January 30th, 2025, CyberNewsWire SquareX discloses a new attack technique that shows how malicious extensions can be used to completely hijack the browser, and eventually, the whole device. PALO ALTO, Calif., Jan. 30, 2025 — Browser extensions have been under the spotlight in enterprise security news recently due to the wave of OAuth attacks on Chrome extension developers and data exfiltration attacks. However, until now, due to the limitations browser vendors place on the extension subsystem and extensions, it was thought to be impossible for extensions to gain full control of the browser, much less the device.…
The NIS2 (Directive (EU) 2022/2555 of the European Parliament and of the Council) imposes cybersecurity and information security compliance obligations on many organizations that previously had no such requirements. Most of these organizations, wishing to avoid financial penalties, aim to comply with the directive and the national implementing laws. To achieve compliance, they engage expert firms to ensure adherence. The first step towards compliance is to conduct an audit to identify any non-compliances. This article aims to highlight the experiences from the GAP assessment audits for organizations that have recently become subject to NIS2 compliance. In most cases, the primary…