The Word On The Street

The upper ranks of corporate security are seeing a high rate of change as companies try to adapt to the evolving threat landscape. Many companies are hiring a chief security officer (CSO) or chief information security officer (CISO) for the ...

Threat actors have been ramping up promotions for the new QwixxRAT information-stealing malware on Discord and Telegram, while the NetSupport Manager RAT has been leveraged in a new ongoing malware campaign, reports ...

In July, Uptycs hired veteran cybersecurity leader Kevin Paige as its CISO and vice president of product strategy. Paige had most recently been the CISO at supply chain management firm Flexport, and earlier in his career held security ...

Incidents involving infostealers have more than doubled in Q1 2023 compared with the same time period last year, and are attacking three major platforms: Windows, Linux and the macOS.

In a study released July 26 by Uptycs, the

The PoC contains a backdoor, which has broad data-stealing capabilities and can exfiltrate a wide array of data from the hostname and username to an exhaustive list of home directory contents.
A fake repository has been discovered ...

Threat actors have crafted a novel ploy designed to bait cybersecurity researchers into a trap by posting a fake proof-of-concept (PoC) to GitHub that is actually a backdoor. 
Researchers at Uptycs outlined ...

A GitHub user managed to dupe security researchers by publishing fake proofs-of-concept (PoCs) containing Linux backdoors.
Cybersecurity researchers use PoCs to test and better understand publicly ...

Cyber security firm Guardz has announced that it has discovered new malware designed to “steal sensitive data” in the background on macOS. Dubbed “ShadowVault,” the malware, according to a forum posting discovered by Guardz, ...

New malware dubbed Meduza Stealer can steal information from a large number of browsers, password managers and cryptocurrency wallets, according to a report from cybersecurity company Uptycs. The malware was developed ...

Windows systems are being targeted by the new Meduza Stealer malware with comprehensive data exfiltration capabilities and a sophisticated design that enables evasion of security software detection, The Hacker News reports.

A new Windows infostealer is on the loose, stealing highly sensitive information and featuring clever ways to evade detection by security software.
Known as the Meduza Stealer, its sole purpose is "comprehensive data ...

A new malware called “The Meduza Stealer” has been observed targeting Windows users with advanced data theft tactics.
The Uptycs Threat Research team discovered the new threat while ...

Uptycs recently introduced the industry’s first “Cloud Security Early Warning System.” Uptycs customers can track and analyze malicious activity across multiple attack surfaces from a single user interface (UI), including endpoints, cloud, ...

Uptycs combines threat detection for Kubernetes and container runtimes, along with automated registry scanning and Kubernetes hardening checks. Here are the highlights ...

Windows and Linux systems are being targeted by a new information-stealing malware peddled by the Cyclops ransomware operation, The Hacker News reports ...

The inadequacy of siloed security solutions is well-documented. The good news is that next-gen security platforms designed to unify on-prem and cloud threat detection and remediation ...

My recent feature on passkeys attracted significant interest, and a number of the 1,100-plus comments raised questions about how the passkey system actually works and if it can be trusted...

Uptycs announced that its unified cloud-native application protection and extended detection and response platform has received a new functionality that serves as an early-warning system ...

Cloud and endpoint cybersecurity startup Uptycs Inc. today announced what it claims to be the first “early warning system” that allows security teams to identify and stop threat actors before...

At the RSA Conference 2023 event, Uptycs today revealed it has extended the reach of its cloud-native application protection platform (CNAPP) to include the ability to collect log data from DevOps workflows ...

Data center sprawl is the bane of many organizations. 

The push to modernize, deploy new workloads and move data to the edge ...

A novel cyber threat against macOS users is being sold for $100 a pop on the Dark Web, and activity is ramping up. To propagate, operators are looking ...

Companies have touted "shift left" as a quality control approach, and developers "shift right" when testing software in post-production ...

The assumption with cloud-native companies is that all of their applications and infrastructure are designed for, built in, and run on public cloud providers. 

In the pantheon of semi-obscure open source tools, osquery is one that deserves a closer look from most security professionals.

To protect their IT ecosystem, security teams not only implement traditional security controls for on-prem solutions, but they’re also focused on new threats ...

Looking at the most interesting products from the past week, featuring releases from AuditBoard, BIO-key, Data Theorem, Enpass, Microsoft, N-able ...

Uptycs researchers identified ongoing malicious campaigns through our Docker honeypot targeting exposed Docker API.

Cloud containers are increasingly part of the cybercrime playbook, with researchers flagging ongoing scanning for Docker weaknesses along with rapid ...

Researchers discovered a simple malware builder designed to steal credentials, then pinging them to Discord webhooks.