DeceptionAds Delivers 1M+ Daily Impressions via 3,000 Sites, Fake CAPTCHA Pages
Dec 16, 2024 | Ravie Lakshmanan | Malvertising / Threat Intelligence
Cybersecurity researchers have shed light on a previously undocumented aspect associated with ClickFix-style attacks that hinge on taking advantage of a single ad network service as part of a malvertising-driven information stealer campaign dubbed DeceptionAds. "Entirely reliant on a single ad network for …
Guide for a Successful Microsegmentation Project
Not too long ago, during an executive briefing, I was asked a thought-provoking question by the CISO of a large airline in the US. He asked, “Brijesh, microsegmentation solutions have existed for a decade. Based on your experience, can you tell me why so many microsegmentation projects fail, and why it is so difficult to achieve microsegmentation across hybrid IT …
Happy Third Birthday to Secure MSP Center
It is hard to believe that this November, we will be celebrating the third anniversary of the launch of Secure MSP Center. We have come a long way from having MSPs buy single products to offering a streamlined, comprehensive program and dashboard for MSPs through Secure MSP Center and MSP Hub. We wanted to make it easy for our MSP partners to transact with Cisco, so made it …
Quantum Cryptography: What’s Coming Next
This is the second in our series of blogs about the quantum threat and preparing for “Q-Day,” the moment when cryptanalytically relevant quantum computing (CRQC) will be able to break all public-key cryptography systems in operation today. The first blog provided an overview of cryptography in a post-quantum world, and this one explores what comes next. What it will take to …
Germany Disrupts BADBOX Malware on 30,000 Devices Using Sinkhole Action
Dec 14, 2024 | Ravie Lakshmanan | Botnet / Ad Fraud
Germany's Federal Office of Information Security (BSI) has announced that it has disrupted a malware operation called BADBOX that came preloaded on at least 30,000 internet-connected devices sold across the country. In a statement published earlier this week, authorities said they severed the communications between the devices and …
Thai Officials Targeted in Yokai Backdoor Campaign Using DLL Side-Loading Techniques
Dec 14, 2024 | Ravie Lakshmanan | Malware / Cyber Threat
Thai government officials have emerged as the target of a new campaign that leverages a technique called DLL side-loading to deliver a previously undocumented backdoor dubbed Yokai. "The target of the threat actors were Thailand officials based on the nature of the lures," Nikhil Hegde, senior engineer for Netskope's Security …
Cisco Secure Workload: Leading in Segmentation Maturity
As cyber threats evolve, defending workloads in today’s multi-cloud environments requires more than traditional security. Attackers are no longer simply at the perimeter; they may already be inside, waiting to exploit vulnerabilities. This reality demands a shift from just keeping threats out to minimizing their impact when they breach. Cisco Secure Workload is at the forefront …
The Customer Adoption Journey of Cisco Secure Workload
In today’s rapidly evolving threat landscape, securing workloads across diverse environments is critical for organizations of all sizes. Cisco Secure Workload (formerly Tetration) provides end-to-end visibility, microsegmentation and advanced security capabilities for workloads deployed across data centers and cloud environments. This blog post explores the customer adoption …
390,000+ WordPress Credentials Stolen via Malicious GitHub Repository Hosting PoC Exploits
Dec 13, 2024 | Ravie Lakshmanan | Cyber Attack / Malware
A now-removed GitHub repository that advertised a WordPress tool to publish posts to the online content management system (CMS) is estimated to have enabled the exfiltration of over 390,000 credentials. The malicious activity is part of a broader attack campaign undertaken by a threat actor, dubbed MUT-1244 (where MUT refers …
Rate Companies Scales Cybersecurity with Falcon Flex
Rate Companies (formerly Guaranteed Rate) is the second-largest retail mortgage lender in the U.S. With billions of sensitive transactions flowing through its systems daily, the company is a prime target for cybercriminals. “Because of the nature of our business, we face some of the most advanced and persistent cyber threats out there,” said Katherine Mowen, SVP of …