One of the primary reasons why cybersecurity remains a complex undertaking is the increased sophistication of modern cyber threats. As the internet and digital technologies continue to advance, so do the methods and tools cybercriminals use. This means that even the most secure systems are vulnerable to attacks over time. Detecting and preventing these attacks require constant … [Read more...] about Cybersecurity for Businesses of All Sizes
Security
Malicious Go Package Exploits Module Mirror Caching for Persistent Remote Access
Feb 04, 2025Ravie LakshmananVulnerability / Threat Intelligence Cybersecurity researchers have called attention to a software supply chain attack targeting the Go ecosystem that involves a malicious package capable of granting the adversary remote access to infected systems. The package, named github.com/boltdb-go/bolt, is a typosquat of the legitimate BoltDB database module … [Read more...] about Malicious Go Package Exploits Module Mirror Caching for Persistent Remote Access
New Tria stealer intercepts text messages on Android
Getting married is certainly one of the most important events in anyone’s life. And in many cultures, it’s customary to invite hundreds of guests to the celebration — including some you barely know. Cybervillains take advantage of such traditions, using wedding invitations as bait to launch attacks on Android smartphone users. Here’s what threat actors have come up with this … [Read more...] about New Tria stealer intercepts text messages on Android
768 CVEs Exploited in 2024, Reflecting a 20% Increase from 639 in 2023
Feb 03, 2025Ravie LakshmananVulnerability / Network Security As many as 768 vulnerabilities with designated CVE identifiers were reported as exploited in the wild in 2024, up from 639 CVEs in 2023, registering a 20% increase year-over-year. Describing 2024 as "another banner year for threat actors targeting the exploitation of vulnerabilities," VulnCheck said 23.6% of known … [Read more...] about 768 CVEs Exploited in 2024, Reflecting a 20% Increase from 639 in 2023
AI Cyber Threat Intelligence Roundup: January 2025
At Cisco, AI threat research is fundamental to informing the ways we evaluate and protect models. In a space that is so dynamic and evolving so rapidly, these efforts help ensure that our customers are protected against emerging vulnerabilities and adversarial techniques. This regular threat roundup consolidates some useful highlights and critical intel from ongoing … [Read more...] about AI Cyber Threat Intelligence Roundup: January 2025
U.S. and Dutch Authorities Dismantle 39 Domains Linked to BEC Fraud Network
Feb 01, 2025Ravie LakshmananCybercrime / Fraud Prevention U.S. and Dutch law enforcement agencies have announced that they have dismantled 39 domains and their associated servers as part of efforts to disrupt a network of online marketplaces originating from Pakistan. The action, which took place on January 29, 2025, has been codenamed Operation Heart Blocker. The vast array … [Read more...] about U.S. and Dutch Authorities Dismantle 39 Domains Linked to BEC Fraud Network
BeyondTrust Zero-Day Breach Exposed 17 SaaS Customers via Compromised API Key
Feb 01, 2025Ravie LakshmananVulnerability / Zero-Day BeyondTrust has revealed it completed an investigation into a recent cybersecurity incident that targeted some of the company's Remote Support SaaS instances by making use of a compromised API key. The company said the breach involved 17 Remote Support SaaS customers and that the API key was used to enable unauthorized … [Read more...] about BeyondTrust Zero-Day Breach Exposed 17 SaaS Customers via Compromised API Key
Using AI to Simplify Cloud Configuration Drift Detection
Cloud environments are dynamic by nature; they frequently change and update configurations. Unless these changes are carefully tracked, they could lead to configuration drift, a situation in which the runtime state of a resource deviates from its intended baseline configuration. Configuration drift can have severe consequences, potentially introducing security vulnerabilities, … [Read more...] about Using AI to Simplify Cloud Configuration Drift Detection
Evaluating Security Risk in DeepSeek
This original research is the result of close collaboration between AI security researchers from Robust Intelligence, now a part of Cisco, and the University of Pennsylvania including Yaron Singer, Amin Karbasi, Paul Kassianik, Mahdi Sabbaghi, Hamed Hassani, and George Pappas. Executive Summary This article investigates vulnerabilities in DeepSeek R1, a new frontier … [Read more...] about Evaluating Security Risk in DeepSeek
CISA and FDA Warn of Critical Backdoor in Contec CMS8000 Patient Monitors
Jan 31, 2025Ravie LakshmananVulnerability / Healthcare The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Food and Drug Administration (FDA) have issued alerts about the presence of hidden functionality in Contec CMS8000 patient monitors and Epsimed MN-120 patient monitors. The vulnerability, tracked as CVE-2025-0626, carries a CVSS v4 score of 7.7 on a … [Read more...] about CISA and FDA Warn of Critical Backdoor in Contec CMS8000 Patient Monitors