Jan 29, 2025 | Ravie Lakshmanan | Threat Intelligence / Malware
The North Korean threat actor known as the Lazarus Group has been observed leveraging a "web-based administrative platform" to oversee its command-and-control (C2) infrastructure, giving the adversary the ability to centrally supervise all aspects of their campaigns. "Each C2 server hosted a web-based administrative … [Read more...] about Lazarus Group Uses React-Based Admin Panel to Control Global Cyber Attacks
News
What scareware is and how to protect yourself
Imagine: you’re calmly working away on your computer, when suddenly a scary message appears on the screen: “Your computer is infected with viruses! Install an antivirus immediately!” or “Your data is at risk! Clean your system immediately!” Panic? That’s what the scammers are hoping for. This post explains what scareware is and why this threat is dangerous. We also give tips … [Read more...] about What scareware is and how to protect yourself
CrowdStrike Extends Powerful Falcon Platform Capabilities into Red Hat OpenShift
Kubernetes has become the cornerstone of modern DevOps, empowering teams to quickly deploy, manage, and scale containerized applications. However, many struggle to navigate Kubernetes' complexity while operating across hybrid and multi-cloud environments. Red Hat OpenShift builds on Kubernetes by providing a consistent, enterprise-grade platform that abstracts the … [Read more...] about CrowdStrike Extends Powerful Falcon Platform Capabilities into Red Hat OpenShift
CrowdStrike Falcon Earns Perfect Score in SE Labs’ Ransomware Evaluation
In the 2024 SE Labs Enterprise Advanced Security (EDR) Ransomware Test, the CrowdStrike Falcon platform achieved a perfect score of 100% in detection, protection, and accuracy, earning the prestigious AAA Award for Advanced Security EDR Protection for the third time in a row. The Falcon platform detected and blocked 100% of ransomware files and protected endpoints across … [Read more...] about CrowdStrike Falcon Earns Perfect Score in SE Labs’ Ransomware Evaluation
PureCrypter Deploys Agent Tesla and New TorNet Backdoor in Ongoing Cyberattacks
Jan 28, 2025 | Ravie Lakshmanan | Phishing Attack / Network Security
A financially motivated threat actor has been linked to a phishing email campaign that has been ongoing since at least July 2024, specifically targeting users in Poland and Germany. The attacks have led to the deployment of various payloads, such as Agent Tesla, Snake Keylogger, and a previously … [Read more...] about PureCrypter Deploys Agent Tesla and New TorNet Backdoor in Ongoing Cyberattacks
Apple introduces the 2025 Black Unity Collection
Apple today unveiled a new Black Unity Collection to honor Black History Month, and celebrate Black culture and community. Inspired by the rhythm of humanity, the collection includes a special-edition Apple Watch Black Unity Sport Loop, a matching watch face, and iPhone and iPad wallpapers. As part of the launch, Apple is … [Read more...] about Apple introduces the 2025 Black Unity Collection
GenAI and RAG: Transforming security, fraud detection, and observability
GenAI is not magic
I attended ElasticON recently where we spent the day with our NYC Elastic community, talking about the combined value of vector databases using retrieval augmented generation (RAG) to feed large language models (LLMs) for next-level generative AI (GenAI) results. Elastic’s CTO and Founder Shay Banon kicked off his keynote with an important message: GenAI is … [Read more...] about GenAI and RAG: Transforming security, fraud detection, and observability
GitHub Desktop Vulnerability Risks Credential Leaks via Malicious Remote URLs
Jan 27, 2025 | Ravie Lakshmanan | Vulnerability / Software Security
Multiple security vulnerabilities have been disclosed in GitHub Desktop as well as other Git-related projects that, if successfully exploited, could permit an attacker to gain unauthorized access to a user's Git credentials. "Git implements a protocol called Git Credential Protocol to retrieve credentials from the … [Read more...] about GitHub Desktop Vulnerability Risks Credential Leaks via Malicious Remote URLs
Meta’s Llama Framework Flaw Exposes AI Systems to Remote Code Execution Risks
A high-severity security flaw has been disclosed in Meta's Llama large language model (LLM) framework that, if successfully exploited, could allow an attacker to execute arbitrary code on the llama-stack inference server. The vulnerability, tracked as CVE-2024-50050, has been assigned a CVSS score of 6.3 out of 10.0. Supply chain security firm Snyk, on the other hand, has … [Read more...] about Meta’s Llama Framework Flaw Exposes AI Systems to Remote Code Execution Risks
Transforming fraud detection: AI and Elastic Security in financial services
Fraud in financial services is becoming more sophisticated, costing the industry billions annually and eroding customer trust. Recently, Deloitte published an article highlighting the risk AI brings in the form of fraudsters to the financial services industry: “Fake content has never been easier to create — or harder to catch. As threats grow, banks can invest in AI and other … [Read more...] about Transforming fraud detection: AI and Elastic Security in financial services