Security Information and Event Management (SIEM) systems act as the primary tools for detecting suspicious activity in enterprise networks, helping organizations identify and respond to potential attacks in real time. However, the new Picus Blue Report 2025, based on over 160 million real-world attack simulations, revealed that organizations are only detecting 1 out of 7 simulated attacks,
Anatsa Android Banking Trojan Now Targeting 830 Financial Apps
The Anatsa Android banking trojan has expanded its target list to new countries and more cryptocurrency applications.
The post Anatsa Android Banking Trojan Now Targeting 830 Financial Apps appeared first on SecurityWeek.
CISA Requests Public Feedback on Updated SBOM Guidance
CISA has updated the Minimum Elements for a Software Bill of Materials (SBOM) guidance and is seeking public comment.
The post CISA Requests Public Feedback on Updated SBOM Guidance appeared first on SecurityWeek.
SASE Company Netskope Files for IPO
Netskope has an annual recurring revenue of more than $707 million, but it’s still not profitable, reporting a net loss of $170 million in H1.
The post SASE Company Netskope Files for IPO appeared first on SecurityWeek.
Arch Linux Project Responding to Week-Long DDoS Attack
The Arch Linux Project has been targeted in a DDoS attack that disrupted its website, repository, and forums.
The post Arch Linux Project Responding to Week-Long DDoS Attack appeared first on SecurityWeek.
Transparent Tribe Targets Indian Govt With Weaponized Desktop Shortcuts via Phishing
The advanced persistent threat (APT) actor known as Transparent Tribe has been observed targeting both Windows and BOSS (Bharat Operating System Solutions) Linux systems with malicious Desktop shortcut files in attacks targeting Indian Government entities.
“Initial access is achieved through spear-phishing emails,” CYFIRMA said. “Linux BOSS environments are targeted via weaponized .desktop
“Initial access is achieved through spear-phishing emails,” CYFIRMA said. “Linux BOSS environments are targeted via weaponized .desktop
Farmers Insurance Data Breach Impacts Over 1 Million People
Farmers New World Life Insurance and Farmers Group have filed separate data breach notifications with state authorities.
The post Farmers Insurance Data Breach Impacts Over 1 Million People appeared first on SecurityWeek.
New Android malware poses as antivirus from Russian intelligence agency
A new Android malware posing as an antivirus tool software created by Russia’s Federal Security Services agency (FSB) is being used to target executives of Russian businesses. […]
Malicious Go Module Poses as SSH Brute-Force Tool, Steals Credentials via Telegram Bot
Cybersecurity researchers have discovered a malicious Go module that presents itself as a brute-force tool for SSH but actually contains functionality to discreetly exfiltrate credentials to its creator.
“On the first successful login, the package sends the target IP address, username, and password to a hard-coded Telegram bot controlled by the threat actor,” Socket researcher Kirill Boychenko
“On the first successful login, the package sends the target IP address, username, and password to a hard-coded Telegram bot controlled by the threat actor,” Socket researcher Kirill Boychenko
FTC warns tech giants not to bow to foreign pressure on encryption
The Federal Trade Commission (FTC) is warning major U.S. tech companies against yielding to foreign government demands that weaken data security, compromise encryption, or impose censorship on their platforms. […]