Dec 18, 2024Ravie LakshmananEmail Security / Cloud Security Cybersecurity researchers have disclosed a new phishing campaign that has targeted European companies with an aim to harvest account credentials and take control of the victims' Microsoft Azure cloud infrastructure. The campaign has been codenamed HubPhish by Palo Alto Networks Unit 42 owing to the abuse of HubSpot … [Read more...] about HubPhish Exploits HubSpot Tools to Target 20,000 European Users for Credential Theft
Security
CrowdStrike Named a Leader in GigaOm Radar for Ransomware Prevention
GigaOm noted in its report that a broad platform approach is often required to protect customers from ransomware — and CrowdStrike delivers. “CrowdStrike offers a broad security platform that covers endpoint protection, identity protection, cloud security, IT automation, next-gen SIEM and more. [The] Falcon platform enables comprehensive ransomware detection, prevention, and … [Read more...] about CrowdStrike Named a Leader in GigaOm Radar for Ransomware Prevention
80% of Cybersecurity Leaders Prefer Platform-Delivered GenAI
Adversaries are advancing faster than ever, exploiting the growing complexity of business IT environments. In this high-stakes threat landscape, generative AI (GenAI) is a necessity. With organizations grappling with skills shortages, sophisticated adversaries and operational complexity, 64% of security professionals have already kicked off their GenAI purchase … [Read more...] about 80% of Cybersecurity Leaders Prefer Platform-Delivered GenAI
Attackers Exploit Microsoft Teams and AnyDesk to Deploy DarkGate Malware
Dec 17, 2024Ravie LakshmananMalware / Credential Theft A new social engineering campaign has leveraged Microsoft Teams as a way to facilitate the deployment of a known malware called DarkGate. "An attacker used social engineering via a Microsoft Teams call to impersonate a user's client and gain remote access to their system," Trend Micro researchers Catherine Loveria, Jovit … [Read more...] about Attackers Exploit Microsoft Teams and AnyDesk to Deploy DarkGate Malware
Mamont banker under the guise of a tracking app
We’ve discovered a new scheme of distribution of the Mamont (Russian for mammoth) Trojan banker. Scammers promise to deliver a certain product at wholesale prices that may be considered interesting to small businesses as well as private buyers, and offer to install an Android application to track the package. However, instead of a tracking utility, the victim installs a Trojan … [Read more...] about Mamont banker under the guise of a tracking app
Latin American eCrime Malware Evolution in 2024
Kiron: Rust Adoption and Browser Extensions Community Identifiers: Grandoreiro Type: Banking Trojan and Information Stealer July 2024: NestoLoader Integration Kiron was distributed via NestoLoader, which is a loader written in JPHP — a PHP implementation that runs in the Java virtual machine (VM). JPHP is not commonly used to develop eCrime malware because … [Read more...] about Latin American eCrime Malware Evolution in 2024
Impacts of Government Regulation on PQC Product Availability
In our recent blog, The Countdown Has Begun: Getting Started on your PQC Journey, we discussed both Q-Day, the moment when quantum computers will be able break all decryption, and the risk of Harvest Now, Decrypt Later (HNDL) cyberattacks. We focused on addressing top priority post-quantum cryptography (PQC) capabilities, namely, how to begin the migration to quantum-safe … [Read more...] about Impacts of Government Regulation on PQC Product Availability
DeceptionAds Delivers 1M+ Daily Impressions via 3,000 Sites, Fake CAPTCHA Pages
Dec 16, 2024Ravie LakshmananMalvertising / Threat Intelligence Cybersecurity researchers have shed light on a previously undocumented aspect associated with ClickFix-style attacks that hinge on taking advantage of a single ad network service as part of a malvertising-driven information stealer campaign dubbed DeceptionAds. "Entirely reliant on a single ad network for … [Read more...] about DeceptionAds Delivers 1M+ Daily Impressions via 3,000 Sites, Fake CAPTCHA Pages
Guide for a Successful Microsegmentation Project
Not too long ago, during an executive briefing, I was asked a thought-provoking question by the CISO of a large airline in the US. He asked, “Brijesh, microsegmentation solutions have existed for a decade. Based on your experience, can you tell me why so many microsegmentation projects fail, and why it is so difficult to achieve microsegmentation across hybrid IT … [Read more...] about Guide for a Successful Microsegmentation Project
Happy Third Birthday to Secure MSP Center
It is hard to believe that this November, we will be celebrating the third anniversary of the launch of Secure MSP Center. We have come a long way from having MSPs buy single products to offering a streamlined, comprehensive program and dashboard for MSPs through Secure MSP Center and MSP Hub. We wanted to make it easy for our MSP partners to transact with Cisco, so made it … [Read more...] about Happy Third Birthday to Secure MSP Center