New “Raptor Train” IoT Botnet Compromises Over 200,000 Devices Worldwide
Cybersecurity researchers have uncovered a never-before-seen botnet comprising an army of small office/home office (SOHO) and IoT devices that are likely operated by a Chinese nation-state threat actor called Flax Typhoon (aka Ethereal Panda or RedJuliett). The sophisticated botnet, dubbed Raptor Train by Lumen's Black Lotus Labs, is believed to have been operational since at …
Worldwide
Hardware Backdoor Discovered in RFID Cards Used in Hotels and Offices Worldwide
Aug 22, 2024 | Ravie Lakshmanan | Hardware Security / Supply Chain Attack
Cybersecurity researchers have uncovered a hardware backdoor within a particular model of MIFARE Classic contactless cards that could allow authentication with an unknown key and open hotel rooms and office doors. The attacks have been demonstrated against FM11RF08S, a new variant of MIFARE Classic that was …
Faulty CrowdStrike Update Crashes Windows Systems, Impacting Businesses Worldwide
Businesses across the world have been hit by widespread disruptions to their Windows workstations stemming from a faulty update pushed out by cybersecurity company CrowdStrike. "CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts," the company's CEO George Kurtz said in a statement. "Mac and Linux hosts are not …
CrowdStrike Named a Leader in IDC MarketScape for Worldwide MDR
The #1 global managed detection and response (MDR) provider and pioneer continues to dominate. Today, CrowdStrike was named a Leader in the 2024 IDC MarketScape: Worldwide Managed Detection and Response 2024 Vendor Assessment among the 19 vendors evaluated in the report. CrowdStrike was also recently named a Leader in Frost & Sullivan’s 2024 Frost Radar: Managed Detection …
New JavaScript Malware Targeted 50,000+ Users at Dozens of Banks Worldwide
A new piece of JavaScript malware has been observed attempting to steal users' online banking account credentials as part of a campaign that has targeted more than 40 financial institutions across the world. The activity cluster, which employs JavaScript web injections, is estimated to have led to at least 50,000 infected user sessions spanning North America, South America, …
New Version of Prometei Botnet Infects Over 10,000 Systems Worldwide
Mar 10, 2023 | Ravie Lakshmanan | Endpoint Security / Hacking
An updated version of a botnet malware called Prometei has infected more than 10,000 systems worldwide since November 2022. The infections are both geographically indiscriminate and opportunistic, with a majority of the victims reported in Brazil, Indonesia, and Turkey. Prometei, first observed in 2016, is a modular …
Elastic named a Major Player in the IDC MarketScape: Worldwide SIEM 2022 Vendor Assessment
Consolidating cloud, endpoint, automation, and SIEM tools all in one unified platform
Elastic Security’s foundational strength is in supporting fast search across any data source for any environment. In fact, the IDC MarketScape report notes “Unlike others with separate products, Elastic includes its EDR and cloud workload protection products in its security offering.” The …
U.S. Charges 4 Russian Govt. Employees Over Hacking Critical Infrastructure Worldwide
The U.S. government on Thursday released a cybersecurity advisory outlining multiple intrusion campaigns conducted by state-sponsored Russian cyber actors from 2011 to 2018 that targeted the energy sector in the U.S. and beyond. "The [Federal Security Service] conducted a multi-stage campaign in which they gained remote access to U.S. and international Energy Sector networks, …
North Korean Hackers Stole Millions from Cryptocurrency Startups Worldwide
Operators associated with the Lazarus sub-group BlueNoroff have been linked to a series of cyberattacks targeting small and medium-sized companies worldwide with an aim to drain their cryptocurrency funds, in what's yet another financially motivated operation mounted by the prolific North Korean state-sponsored actor. Russian cybersecurity company Kaspersky, which is tracking …
Linux Implementation of Cobalt Strike Beacon Targeting Organizations Worldwide
Researchers on Monday took the wraps off a newly discovered Linux and Windows re-implementation of Cobalt Strike Beacon that's actively set its sights on government, telecommunications, information technology, and financial institutions in the wild. The as-yet undetected version of the penetration testing tool — codenamed "Vermilion Strike" — marks one of the rare Linux ports, …