Modern ransomware attacks have shifted to sophisticated double extortion tactics, where sensitive data is exfiltrated before encryption, increasing pressure on victims. The financial impact of these breaches is significant, with average costs reaching $4.88 million. Early detection of unusual internal data-copying activities is crucial for organizations to defend against these evolving threats.…
Author: Catonetworks
Cato CTRL security researchers have identified a sophisticated threat actor, ProKYC, selling a deepfake tool designed to bypass two-factor authentication (2FA) for account fraud, particularly targeting cryptocurrency exchanges. This tool enables the creation of synthetic accounts, contributing to significant financial losses due to New Account Fraud (NAF).…
CVE-2023-49559 is a medium-severity Denial of Service (DoS) vulnerability found in the gqlparser library, which affects GraphQL applications. This vulnerability allows attackers to overload the server by exploiting the lack of limits on directives in GraphQL queries. Cato has implemented protections for its customers and recommends updating to the latest versions of the gqlparser and gqlgen libraries to mitigate risks.…
This article discusses the challenges and strategies involved in identifying and blocking malicious IP addresses, emphasizing the importance of a careful approach to avoid blocking legitimate traffic.
Key points:
Identifying and blocking malicious IP addresses is crucial for cybersecurity. IP addresses have less transparent registration details compared to domain names.…