#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News

Phishing Defense | Breaking Cybersecurity News | The Hacker News

Category — Phishing Defense
Webinar: Learn How Storytelling Can Make Cybersecurity Training Fun and Effective

Webinar: Learn How Storytelling Can Make Cybersecurity Training Fun and Effective

Nov 08, 2024 Cybersecurity Awareness / Webinar
Let's face it—traditional security training can feel as thrilling as reading the fine print on a software update. It's routine, predictable, and, let's be honest, often forgotten the moment it's over. Now, imagine cybersecurity training that's as unforgettable as your favorite show. Remember how "Hamilton" made history come alive, or how "The Office" taught us CPR (Staying Alive beat, anyone?)? That's the transformative power of storytelling—and it's exactly what Huntress Managed Security Awareness Training (SAT) is bringing to cybersecurity. Why Storytelling is the Secret Weapon in Security Training: Human brains are wired for stories; it's how we process complex information and retain it. Stories give lessons meaning and make concepts stick, so why not apply this to something as vital as cybersecurity awareness? In our upcoming webinar, " Storytime with Huntress Managed Security Awareness Training ," we're diving into why storytelling isn't just ...
5 Must-Have Tools for Effective Dynamic Malware Analysis

5 Must-Have Tools for Effective Dynamic Malware Analysis

Oct 02, 2024 Malware Analysis / Threat Detection
Dynamic malware analysis is a key part of any threat investigation. It involves executing a sample of a malicious program in the isolated environment of a malware sandbox to monitor its behavior and gather actionable indicators. Effective analysis must be fast, in-depth, and precise. These five tools will help you achieve it with ease. 1. Interactivity Having the ability to interact with the malware and the system in real-time is a great advantage when it comes to dynamic analysis. This way, you can not only observe its execution but also see how it responds to your inputs and triggers specific behaviors.  Plus, it saves time by allowing you to download samples hosted on file-sharing websites or open those packed inside an archive, which is a common way to deliver payloads to victims. The initial phishing email containing the malicious pdf and password for the archive Check out this sandbox session in the ANY.RUN sandbox that shows how interactivity is used for analyzing th...
The Future of Serverless Security in 2025: From Logs to Runtime Protection

The Future of Serverless Security in 2025: From Logs to Runtime Protection

Nov 28, 2024Cloud Security / Threat Detection
Serverless environments, leveraging services such as AWS Lambda, offer incredible benefits in terms of scalability, efficiency, and reduced operational overhead. However, securing these environments is extremely challenging. The core of current serverless security practices often revolves around two key components: log monitoring and static analysis of code or system configuration. But here is the issue with that: 1. Logs Only Tell Part of the Story Logs can track external-facing activities, but they don't provide visibility into the internal execution of functions. For example, if an attacker injects malicious code into a serverless function that doesn't interact with external resources (e.g., external APIs or databases), traditional log-based tools will not detect this intrusion. The attacker may execute unauthorized processes, manipulate files, or escalate privileges—all without triggering log events. 2. Static Misconfiguration Detection is Incomplete Static tools that check ...
Expert Insights / Articles Videos
Cybersecurity Resources