admin

0 Comments
Digital Security Organizations, including those that weren’t struck by the CrowdStrike incident, should resist the temptation to attribute the IT meltdown to exceptional circumstances Tony Anscombe 23 Jul 2024  •  , 3 min. read As the dust settles on the cyber-incident caused by CrowdStrike releasing a corrupted update, many businesses will, or should, conduct a
0 Comments
Security questionnaires aren’t just an inconvenience — they’re a recurring problem for security and sales teams. They bleed time from organizations, filling the schedules of professionals with monotonous, automatable work. But what if there were a way to reduce or even altogether eliminate security questionnaires? The root problem isn’t a lack of great questionnaire products
0 Comments
Prolific Chinese espionage group Daggerfly (aka Evasive Panda, Bronze Highland) has extensively updated its malware toolkit, increasing its abilities to target most major operating systems (OS), according to an analysis by Symantec. The latest developments suggest the group is using a shared framework to enable it to effectively target Windows, Linux, macOS and Android OS.
0 Comments
Jul 23, 2024NewsroomCyber Espionage / Chinese Hackers Organizations in Taiwan and a U.S. non-governmental organization (NGO) based in China have been targeted by a Beijing-affiliated state-sponsored hacking group called Daggerfly using an upgraded set of malware tools. The campaign is a sign that the group “also engages in internal espionage,” Symantec’s Threat Hunter Team, part
0 Comments
The Play ransomware group has introduced a Linux variant of its malware that specifically targets VMWare ESXi environments, according to recent findings from Trend Micro.  First detected in June 2022, the Play ransomware has gained notoriety for its sophisticated double-extortion tactics, custom-built tools and significant impact on organizations, especially in Latin America. Expansion to ESXi
0 Comments
The relationship between various TDSs and DNS associated with Vigorish Viper and the final landing experience for the user A Chinese organized crime syndicate with links to money laundering and human trafficking across Southeast Asia has been using an advanced “technology suite” that runs the whole cybercrime supply chain spectrum to spearhead its operations. Infoblox
0 Comments
Video A purported ad blocker marketed as a security solution hides kernel-level malware that inadvertently exposes victims to even more dangerous threats 21 Jul 2024 This week, ESET researchers have released their findings about HotPage, a browser injector that leverages a driver developed by a Chinese company and signed by Microsoft. The malware masquerades as
0 Comments
A suspected technical issue at cybersecurity vendor CrowdStrike is causing mass IT outages across the world, disrupting critical sectors such as airlines, banks, media and retailing. The issue appears to concern an update to CrowdStrike’s security platform Falcon Sensor, which is impacting Microsoft Windows operating systems. Reports suggest the affected systems are struggling to boot
0 Comments
Businesses across the world have been hit by widespread disruptions to their Windows workstations stemming from a faulty update pushed out by cybersecurity company CrowdStrike. “CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts,” the company’s CEO George Kurtz said in a statement. “Mac and
0 Comments
Security researchers have identified several vulnerabilities in SAP AI Core, a platform that enables users to develop, train and run AI services.  These vulnerabilities, found by Wiz and discussed in an advisory published on Wednesday, highlight significant risks associated with tenant isolation in AI infrastructure.  In particular, the investigation into SAP AI Core revealed that
0 Comments
Jul 18, 2024NewsroomMalware / Windows Security Cybersecurity researchers have shed light on an adware module that purports to block ads and malicious websites, while stealthily offloading a kernel driver component that grants attackers the ability to run arbitrary code with elevated permissions on Windows hosts. The malware, dubbed HotPage, gets its name from the eponymous
0 Comments
Security researchers have unveiled more information about the Qilin ransomware group, which recently targeted the healthcare sector with a $50 million ransom demand.  The attack on Synnovis, a pathology services provider, significantlyimpacted several key NHS hospitals in London earlier this month.  Since its identification in July 2022, Qilin has gained notoriety for offering Ransomware-as-a-Service (RaaS)
0 Comments
While blue teams defend, red teams attack. They share a common goal, however – help identify and address gaps in organizations’ defenses before these weaknesses can be exploited by malicious actors. The blue/red team exercises provide invaluable insights across the technical, procedural and human sides of security and can ultimately help organizations fend off actual
0 Comments
Jul 17, 2024NewsroomCyber Espionage / Cryptocurrency Cybersecurity researchers have discovered an updated variant of a known stealer malware that attackers affiliated with the Democratic People’s Republic of Korea (DPRK) have delivered as part of prior cyber espionage campaigns targeting job seekers. The artifact in question is an Apple macOS disk image (DMG) file named “MiroTalk.dmg”
0 Comments
Security experts have uncovered a critical remote code execution (RCE) vulnerability, identified as CVE-2024-38112, within the MHTML protocol handler.  This vulnerability, dubbed ZDI-CAN-24433, was reported from CVE-2024-38112 to Microsoft upon discovery (and later patched by the tech giant), with evidence suggesting it was actively exploited by the advanced persistent threat (APT) group Void Banshee.  Known
0 Comments
The Sysdig Threat Research Team (TRT) has revealed significant developments in the activities of the SSH-Snake threat actor.  The group, now referred to as CRYSTALRAY, has notably expanded its operations, increasing its victim count tenfold to more than 1500.  According to a new advisory published by Sysdig last week, CRYSTALRAY has been observed using a
0 Comments
Jul 15, 2024NewsroomSupply Chain Attack / Cyber Threat Cybersecurity researchers said they discovered an accidentally leaked GitHub token that could have granted elevated access to the GitHub repositories of the Python language, Python Package Index (PyPI), and the Python Software Foundation (PSF) repositories. JFrog, which found the GitHub Personal Access Token, said the secret was