Triada: a Trojan pre-installed on Android smartphones out of the box
The familiar checkout ritual at the supermarket: once everything’s been scanned — the offer, delivered with a hopeful smile: “Chocolate bar for the road? It’s a good one, and the discount is almost criminal”. If you’re lucky, you get a delicious bonus at a great price. But more often than not they’re trying to sell you something that’s not selling well: either it’s about to …
North Korean Hackers Spread Malware via Fake Crypto Firms and Job Interview Lures
North Korea-linked threat actors behind the Contagious Interview have set up front companies as a way to distribute malware during the fake hiring process. "In this new campaign, the threat actor group is using three front companies in the cryptocurrency consulting industry—BlockNovas LLC (blocknovas[.]com), Angeloper Agency (angeloper[.]com), and SoftGlide LLC …
Black Hat Asia 2025: Innovation in the SOC
Cisco is honored to be a partner of the Black Hat NOC (Network Operations Center), as the Official Security Cloud Provider. This was our 9th year supporting Black Hat Asia. We work with other official providers to bring the hardware, software and engineers to build and secure the Black Hat network: Arista, Corelight, MyRepublic and Palo Alto Networks. The primary mission …
Lazarus Hits 6 South Korean Firms via Cross EX, Innorix Flaws and ThreatNeedle Malware
Apr 24, 2025 | Ravie Lakshmanan | Malware / Threat Intelligence
At least six organizations in South Korea have been targeted by the prolific North Korea-linked Lazarus Group as part of a campaign dubbed Operation SyncHole. The activity targeted South Korea's software, IT, financial, semiconductor manufacturing, and telecommunications industries, according to a report from Kaspersky …
Detecting privileged access activity: A new Kibana integration
The new advanced detection analytics package to detect privileged access activity
Privileged accounts are a prime target for attackers, often exploited to accelerate access and move laterally within networks. Given the prevalence of access brokers who satisfy a nearly endless demand for stolen credentials, organizations need robust detection mechanisms to identify suspicious …
CrowdStrike Falcon for IT Adds Endpoint Automation Capabilities
Today, CrowdStrike is releasing automated baseline enforcement and remediation in CrowdStrike Falcon® for IT to secure misconfigured devices and consistently address vulnerabilities across endpoints. Operators can now centrally manage and enforce endpoint configurations across platforms to support security and compliance efforts. Security and IT teams must ensure endpoints …
DPRK Hackers Steal $137M from TRON Users in Single-Day Phishing Attack
Apr 23, 2025 | Ravie Lakshmanan | Malware / Cryptocurrency
Multiple threat activity clusters with ties to North Korea (aka Democratic People's Republic of Korea or DPRK) have been linked to attacks targeting organizations and individuals in the Web3 and cryptocurrency space. "The focus on Web3 and cryptocurrency appears to be primarily financially motivated due to the heavy …
Does Your SSE Understand User Intent?
Enhanced Data Protection With AI Guardrails
With AI apps, the threat landscape has changed. Every week, we see customers are asking questions like: How do I mitigate leakage of sensitive data into LLMs? How do I even discover all the AI apps and chatbots users are accessing? We saw how the Las Vegas Cybertruck bomber used AI, so how do we avoid toxic content generation? How …
iProVPN: 3-Year Subscription for $29
Expires April 23, 2026 06:59 PST. Buy now and get 90% off.
KEY FEATURES
Seamlessly Connect, Browse & Access Anywhere with Confidence
Protect your digital privacy while surfing the web with iProVPN. The …
Docker Malware Exploits Teneo Web3 Node to Earn Crypto via Fake Heartbeat Signals
Apr 22, 2025 | Ravie Lakshmanan | IoT Security / Malware
Cybersecurity researchers have detailed a malware campaign that's targeting Docker environments with a previously undocumented technique to mine cryptocurrency. The activity cluster, per Darktrace and Cado Security, represents a shift from other cryptojacking campaigns that directly deploy miners like XMRig to illicitly …