Aggregator
CVE-2023-2454 | PostgreSQL Schema input validation (DSA-5401-1 / EUVD-2023-33939)
ThreatBook Selected in the First-ever Gartner® Magic Quadrant™ for Network Detection and Response (NDR)
Beijing, China, 4th June 2025, CyberNewsWire
The post ThreatBook Selected in the First-ever Gartner® Magic Quadrant™ for Network Detection and Response (NDR) appeared first on Security Boulevard.
Agentic AI and the risks of unpredictable autonomy
In this Help Net Security interview, Thomas Squeo, CTO for the Americas at Thoughtworks, discusses why traditional security architectures often fail when applied to autonomous AI systems. He explains why conventional threat modeling needs to adapt to address autonomous decision-making and emergent behaviors. Squeo also outlines strategies for maintaining control and accountability when AI agents operate with increasing autonomy. Why do traditional security architectures expecting predictable behavior fail when applied to autonomous AI systems? Autonomous …
The post Agentic AI and the risks of unpredictable autonomy appeared first on Help Net Security.
ZDI-CAN-27273: NSF Unidata
ZDI-CAN-27260: PDFsam
CVSS 9.9: for 10 years Roundcube allowed code execution via an ordinary request
Rethinking governance in a decentralized identity world
Decentralized identity (DID) is gaining traction, and for CISOs, it’s becoming a part of long-term planning around data protection, privacy, and control. As more organizations experiment with verifiable credentials and self-sovereign identity models, a question emerges: Who governs the system when no single entity holds the reins? The governance gap Traditional identity systems come with built-in governance. Central authorities validate users, issue credentials, and set policies for revocation and auditing. In decentralized ecosystems, these responsibilities …
The post Rethinking governance in a decentralized identity world appeared first on Help Net Security.
JVN: Multiple vulnerabilities in multiple Schneider Electric products
CISOs need better tools to turn risk into action
Many organizations are overwhelmed by the complexity of their IT systems, making it difficult to manage cybersecurity risks, according to a new Ivanti report. The “Exposure Management: From Subjective to Objective Cybersecurity” report points out that as companies keep adding more cloud services and smart devices, they’re struggling to keep up with securing them all. With so much tech spread across different systems, it’s tough to see everything and know which risks to tackle first. …
The post CISOs need better tools to turn risk into action appeared first on Help Net Security.
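“Russian Market” becomes hackers' go-to store for stolen credentials
The “Russian Market” cybercrime marketplace has become one of the most popular platforms for buying and selling credentials stolen by information-stealing malware. Although Russian Market has been active for roughly six years and only became relatively popular in 2022, ReliaQuest reports that it has recently reached new heights. Part of the surge in popularity is due to the shutdown of Genesis Market, which left a large gap in the field.
Although most (85%) of the credentials sold on Russian Market are “recycled” from existing sources, it has still won a large cybercrime audience thanks to its wide selection of items for sale and the availability of logs for as little as $2.
Infostealer logs are typically a text file, or multiple files, created by infostealer malware, containing account passwords, session cookies, credit card data, cryptocurrency wallet data, and system profiling data stolen from infected devices.
Each log may contain dozens or even thousands of credentials, so the total number of stolen credentials may reach hundreds of millions or more. Once collected, the logs are uploaded to the attacker's server, where they are gathered for further malicious activity or sold on marketplaces such as Russian Market.
Log page on the marketplace
Infostealers have become a very popular tool among threat actors, and many attack campaigns now target enterprises to steal session cookies and corporate credentials.
ReliaQuest says Russian Market reflects this as well: 61% of stolen logs contain SaaS credentials from platforms such as Google Workspace, Zoom, and Salesforce. In addition, 77% of logs contain SSO (single sign-on) credentials.
The researchers explained: “Compromised cloud accounts give attackers access to critical systems and provide an excellent opportunity to steal sensitive data.”
Lumma forced to shut down, Acreed on the rise
ReliaQuest analyzed more than 1.6 million posts on Russian Market to chart the rise and fall in popularity of specific information-stealing malware. Until recently, most logs were stolen by Lumma stealer, which accounted for 92% of all credential logs sold on Russian Market.
Infostealer log share on Russian Market
After law enforcement action brought down Raccoon Stealer, Lumma dominated the market. However, Lumma may face the same fate, as its operations were recently disrupted by a global law enforcement operation in which 2,300 domains were seized.
The long-term outcome of this operation remains unclear; Check Point reports that Lumma's developers are currently trying to rebuild and restart their cybercrime business.
Meanwhile, ReliaQuest reports the sudden rise of a new infostealer named Acreed, which quickly gained traction after Lumma was taken down. More than 4,000 logs were reportedly uploaded within its first week of operation, reflecting Acreed's rapid rise on Russian Market.
In terms of the information it targets, Acreed is no different from a typical infostealer: data stored in Chrome, Firefox, and their various derivatives, including passwords, cookies, cryptocurrency wallets, and credit card details.
Infostealers infect users through phishing emails, “ClickFix” attacks, malvertising for premium software, and YouTube or TikTok videos. People are therefore advised to stay vigilant and maintain good software download habits to avoid the widespread risk.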
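Breaking through a domain forest from a red team perspective: a cross-domain-controller attack and defense confrontation triggered by Shiro deserialization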
Photos: Infosecurity Europe 2025, part 2
Infosecurity Europe 2025 is a cybersecurity event taking place from June 3 to 5 in London. Help Net Security is on-site and here’s a closer look at the conference. The first gallery is here. The featured vendors are: Bitdefender, Qualys, Sonatype, iStorage, Rootshell Security, AttackIQ, Push Security, Abnormal AI, Garner, Veeam Software, Rapid7, ManageEngine, Menlo Security, DarkInvader, and Bytes Software Services.
The post Photos: Infosecurity Europe 2025, part 2 appeared first on Help Net Security.