Adversaries are advancing faster than ever, exploiting the growing complexity of business IT environments. In this high-stakes threat landscape, generative AI (GenAI) is a necessity. With organizations grappling with skills shortages, sophisticated adversaries and operational complexity, 64% of security professionals have already kicked off their GenAI purchase … [Read more...] about 80% of Cybersecurity Leaders Prefer Platform-Delivered GenAI
Security
Attackers Exploit Microsoft Teams and AnyDesk to Deploy DarkGate Malware
Dec 17, 2024Ravie LakshmananMalware / Credential Theft A new social engineering campaign has leveraged Microsoft Teams as a way to facilitate the deployment of a known malware called DarkGate. "An attacker used social engineering via a Microsoft Teams call to impersonate a user's client and gain remote access to their system," Trend Micro researchers Catherine Loveria, Jovit … [Read more...] about Attackers Exploit Microsoft Teams and AnyDesk to Deploy DarkGate Malware
Mamont banker under the guise of a tracking app
We’ve discovered a new scheme of distribution of the Mamont (Russian for mammoth) Trojan banker. Scammers promise to deliver a certain product at wholesale prices that may be considered interesting to small businesses as well as private buyers, and offer to install an Android application to track the package. However, instead of a tracking utility, the victim installs a Trojan … [Read more...] about Mamont banker under the guise of a tracking app
Latin American eCrime Malware Evolution in 2024
Kiron: Rust Adoption and Browser Extensions Community Identifiers: Grandoreiro Type: Banking Trojan and Information Stealer July 2024: NestoLoader Integration Kiron was distributed via NestoLoader, which is a loader written in JPHP — a PHP implementation that runs in the Java virtual machine (VM). JPHP is not commonly used to develop eCrime malware because … [Read more...] about Latin American eCrime Malware Evolution in 2024
Impacts of Government Regulation on PQC Product Availability
In our recent blog, The Countdown Has Begun: Getting Started on your PQC Journey, we discussed both Q-Day, the moment when quantum computers will be able break all decryption, and the risk of Harvest Now, Decrypt Later (HNDL) cyberattacks. We focused on addressing top priority post-quantum cryptography (PQC) capabilities, namely, how to begin the migration to quantum-safe … [Read more...] about Impacts of Government Regulation on PQC Product Availability
DeceptionAds Delivers 1M+ Daily Impressions via 3,000 Sites, Fake CAPTCHA Pages
Dec 16, 2024Ravie LakshmananMalvertising / Threat Intelligence Cybersecurity researchers have shed light on a previously undocumented aspect associated with ClickFix-style attacks that hinge on taking advantage of a single ad network service as part of a malvertising-driven information stealer campaign dubbed DeceptionAds. "Entirely reliant on a single ad network for … [Read more...] about DeceptionAds Delivers 1M+ Daily Impressions via 3,000 Sites, Fake CAPTCHA Pages
Guide for a Successful Microsegmentation Project
Not too long ago, during an executive briefing, I was asked a thought-provoking question by the CISO of a large airline in the US. He asked, “Brijesh, microsegmentation solutions have existed for a decade. Based on your experience, can you tell me why so many microsegmentation projects fail, and why it is so difficult to achieve microsegmentation across hybrid IT … [Read more...] about Guide for a Successful Microsegmentation Project
Happy Third Birthday to Secure MSP Center
It is hard to believe that this November, we will be celebrating the third anniversary of the launch of Secure MSP Center. We have come a long way from having MSPs buy single products to offering a streamlined, comprehensive program and dashboard for MSPs through Secure MSP Center and MSP Hub. We wanted to make it easy for our MSP partners to transact with Cisco, so made it … [Read more...] about Happy Third Birthday to Secure MSP Center
Quantum Cryptography: What’s Coming Next
This is the second in our series of blogs about the quantum threat and preparing for “Q-Day,” the moment when cryptanalytically relevant quantum computing (CRQC) will be able to break all public-key cryptography systems in operation today. The first blog provided an overview of cryptography in a post-quantum world, and this one explores what comes next. What it will take to … [Read more...] about Quantum Cryptography: What’s Coming Next
Germany Disrupts BADBOX Malware on 30,000 Devices Using Sinkhole Action
Dec 14, 2024Ravie LakshmananBotnet / Ad Fraud Germany's Federal Office of Information Security (BSI) has announced that it has disrupted a malware operation called BADBOX that came preloaded on at least 30,000 internet-connected devices sold across the country. In a statement published earlier this week, authorities said they severed the communications between the devices and … [Read more...] about Germany Disrupts BADBOX Malware on 30,000 Devices Using Sinkhole Action