Quad7 Botnet Expands to Target SOHO Routers and VPN Appliances
Sep 11, 2024 | Ravie Lakshmanan | Network Security / Hacking
The operators of the mysterious Quad7 botnet are actively evolving by compromising several brands of SOHO routers and VPN appliances by leveraging a combination of both known and unknown security flaws. Targets include devices from TP-LINK, Zyxel, Asus, Axentra, D-Link, and NETGEAR, according to a new report by French …
Expands
Microsoft Expands Free Logging Capabilities for all U.S. Federal Agencies
Feb 24, 2024 | Newsroom | Active Directory / Data Protection
Microsoft has expanded free logging capabilities to all U.S. federal agencies using Microsoft Purview Audit irrespective of the license tier, more than six months after a China-linked cyber espionage campaign targeting two dozen organizations came to light. "Microsoft will automatically enable the logs in customer …
HijackLoader Expands Techniques to Improve Defense Evasion
HijackLoader continues to become increasingly popular among adversaries for deploying additional payloads and tooling. A recent HijackLoader variant employs sophisticated techniques to enhance its complexity and defense evasion. CrowdStrike detects this new HijackLoader variant using machine learning and behavior-based detection capabilities. CrowdStrike researchers have …
Diicot Expands Tactics with Cayosin Botnet
Jun 17, 2023 | Ravie Lakshmanan | Cryptojacking / Network Security
Cybersecurity researchers have discovered previously undocumented payloads associated with a Romanian threat actor named Diicot, revealing its potential for launching distributed denial-of-service (DDoS) attacks. "The Diicot name is significant, as it's also the name of the Romanian organized crime and …
North Korean UNC2970 Hackers Expands Operations with New Malware Families
Mar 10, 2023 | Ravie Lakshmanan | Cyber Attack / Malware
A North Korean espionage group tracked as UNC2970 has been observed employing previously undocumented malware families as part of a spear-phishing campaign targeting U.S. and European media and technology organizations since June 2022. Google-owned Mandiant said the threat cluster shares "multiple overlaps" with a …
CrowdXDR Alliance Expands to Help Hunt Threats Faster
CrowdStrike is proud to announce that Armis, Cloudflare and ThreatWarrior have joined the open CrowdXDR Alliance. The addition of these industry leaders enhances XDR with telemetry from cloud, network and Internet of Things (IoT) solutions. This best-of-platform approach to XDR will help solve real-world productivity challenges that security teams face by empowering them to …
New Local Attack Vector Expands the Attack Surface of Log4j Vulnerability
Cybersecurity researchers have discovered an entirely new attack vector that enables adversaries to exploit the Log4Shell vulnerability on servers locally by using a JavaScript WebSocket connection. "This newly-discovered attack vector means that anyone with a vulnerable Log4j version on their machine or local private network can browse a website and potentially trigger the …
Meta Expands Facebook Protect Program to Activists, Journalists, Government Officials
Meta, the company formerly known as Facebook, on Thursday announced an expansion of its Facebook Protect security program to include human rights defenders, activists, journalists, and government officials who are more likely to be targeted by bad actors across its social media platforms. "These people are at the center of critical communities for public debate," said Nathaniel …
CrowdStrike Expands Technical Integrations for Healthcare
The Healthcare Security Crisis
The FBI has released many warnings of ongoing ransomware attacks targeting U.S. healthcare and first-responder networks over the last three years, with ransomware families being updated with new names as hackers exchange sophisticated hacker-for-hire code and models to exploit vulnerable healthcare facilities. From penalties and Health Insurance …
Cisco Email Security Expands, Simplified to Detect More Threats, Stop More Attacks
SecureX integration offers customers greater visibility to threats across technology silos
Email threats continue to rise rapidly in volume and complexity. With email being the number one threat vector, it’s no surprise that 94 percent of malware is delivered via email, and it remains the easiest way for attackers to breach an organization. Email security is complex and of …