February 2025 Patch Tuesday: Updates and Analysis
Actively Exploited Zero-Day Vulnerability in Windows Ancillary Function Driver for WinSock: Windows Ancillary Function Driver for WinSock received a patch for CVE-2025-21418, which has a severity of Important and a CVSS score of 7.8. Windows Ancillary Function Driver for WinSock is primarily responsible for handling network-related functions. This elevation of …
Transform Network Security With Cisco Hybrid Mesh Firewall
The need for a robust and flexible network security architecture has never been more pressing. The distributed nature of modern applications, the complexity of networks, and the explosion of AI applications are preventing progress through complexity. As these hindering complexities shift and grow, our approach to security must evolve to meet them head-on. In the previous …
CrowdStrike University Fast Track Fuels Cybersecurity Training
Organizations today battle an ever-evolving cyber threat landscape, yet many security teams struggle to keep pace due to a critical skills gap and limited access to high-quality training. As teams are expected to do more with fewer resources, cybersecurity education is essential. At CrowdStrike, we’re committed to breaking down these barriers. That’s why we’ve reimagined …
Google Confirms Android SafetyCore Enables AI-Powered On-Device Content Classification
Feb 11, 2025 | Ravie Lakshmanan | Mobile Security / Machine Learning
Google has stepped in to clarify that a newly introduced Android System SafetyCore app does not perform any client-side scanning of content. "Android provides many on-device protections that safeguard users against threats like malware, messaging spam and abuse protections, and phone scam protections, while …
From Hybrid Mesh Firewalls to Universal ZTNA
If you’ve heard it once, you’ve probably heard it a million times: “today’s enterprise environments are becoming more and more complex.” I know it’s something I’ve been known to say a time or two (or a million). Here’s the thing: it’s true. There are several factors at play, but two of the biggest are the increasingly fine-grained composition and distribution of applications …
Updating the Visual Studio Code extension for Swift
Today, we are excited to announce a new version of the Swift extension for Visual Studio Code – now published to the extension marketplace as an official supported release of the Swift team. The aim of this extension is to provide a high-quality, feature-complete extension that makes developing Swift applications on all platforms a seamless experience. As we continue to …
Latest Product Updates and Features in Logz.io
We’re excited to announce a series of upgrades to our AI Agent, Log Management Explore UI and core integrations designed to empower you with even deeper observability and streamlined operations. These updates enhance account visibility, multi-telemetry trace insights, and logging capabilities while ensuring seamless compatibility with OpenTelemetry. Read on to discover how …
Hackers Exploit Google Tag Manager to Deploy Credit Card Skimmers on Magento Stores
Feb 10, 2025 | Ravie Lakshmanan | Malware / Payment Security
Threat actors have been observed leveraging Google Tag Manager (GTM) to deliver credit card skimmer malware targeting Magento-based e-commerce websites. Website security company Sucuri said the code, while appearing to be a typical GTM and Google Analytics script used for website analytics and advertising purposes, …
How to detect malicious browser extensions using Elastic
When your CISO asks if a specific browser extension has ever been installed on any of your workstations, how quickly can you get the correct answer? Malicious browser extensions are a significant threat that many organizations have no way of managing or detecting. This blog post explores how the Elastic Infosec team uses osquery and the Elastic Stack to create a real-time …
Malicious ML Models on Hugging Face Leverage Broken Pickle Format to Evade Detection
Feb 08, 2025 | Ravie Lakshmanan | Artificial Intelligence / Supply Chain Security
Cybersecurity researchers have uncovered two malicious machine learning (ML) models on Hugging Face that leveraged an unusual technique of "broken" pickle files to evade detection. "The pickle files extracted from the mentioned PyTorch archives revealed the malicious Python content at the beginning of …