Dec 10, 2024Ravie LakshmananVulnerability / Threat Analysis Users of Cleo-managed file transfer software are being urged to ensure that their instances are not exposed to the internet following reports of mass exploitation of a vulnerability affecting fully patched systems. Cybersecurity company Huntress said it discovered evidence of threat actors exploiting the issue en … [Read more...] about Cleo File Transfer Vulnerability Under Exploitation – Patch Pending, Mitigation Urged
Security
Adaptive Shield, a CrowdStrike Company, Leads in 2024 Frost Radar SSPM Leadership Report
CrowdStrike is proud to announce that Adaptive Shield is positioned as the leader in the Frost & Sullivan 2024 SaaS Security Posture Management (SSPM) Frost Radar, earning the highest and farthest-right position among all evaluated vendors. Adaptive Shield, which was acquired by CrowdStrike in November 2024, is recognized for its leadership in innovation and growth, with … [Read more...] about Adaptive Shield, a CrowdStrike Company, Leads in 2024 Frost Radar SSPM Leadership Report
Black Basta Ransomware Evolves with Email Bombing, QR Codes, and Social Engineering
Dec 09, 2024Ravie LakshmananThreat Intelligence / Malware The threat actors linked to the Black Basta ransomware have been observed switching up their social engineering tactics, distributing a different set of payloads such as Zbot and DarkGate since early October 2024. "Users within the target environment will be email bombed by the threat actor, which is often achieved by … [Read more...] about Black Basta Ransomware Evolves with Email Bombing, QR Codes, and Social Engineering
Cryptocurrency Miner Found in PyPI Versions
Dec 07, 2024Ravie LakshmananSupply Chain Attack / Cryptocurrency In yet another software supply chain attack, it has come to light that two versions of a popular Python artificial intelligence (AI) library named ultralytics were compromised to deliver a cryptocurrency miner. The versions, 8.3.41 and 8.3.42, have since been removed from the Python Package Index (PyPI) … [Read more...] about Cryptocurrency Miner Found in PyPI Versions
Learn How Experts Secure Privileged Accounts—Proven PAS Strategies Webinar
Dec 07, 2024The Hacker NewsEnterprise Security / Threat Prevention Cybercriminals know that privileged accounts are the keys to your kingdom. One compromised account can lead to stolen data, disrupted operations, and massive business losses. Even top organizations struggle to secure privileged accounts. Why? Traditional Privileged Access Management (PAM) solutions often fall … [Read more...] about Learn How Experts Secure Privileged Accounts—Proven PAS Strategies Webinar
How ASPM Elevates Security for Today’s Cloud Ecosystem
Cloud technology has revolutionized business operations, but the digital transformation required to adopt and scale cloud technology exposes vulnerabilities that traditional cybersecurity approaches struggle to address — often leaving organizations vulnerable to adversaries. Organizations face mounting challenges in managing security risks across cloud-native applications. … [Read more...] about How ASPM Elevates Security for Today’s Cloud Ecosystem
CrowdStrike Named a Leader in 2024 Frost Radar for Cloud-Native Application Protection
Frost & Sullivan recognizes the benefits of a unified approach to cloud security: “CrowdStrike is recognized as an innovation leader for its unified cloud security approach and robust workload security capabilities centered on its Falcon Cloud Security (FCS) platform,” its report states. Cloud security solutions must also deliver real-time threat detection and … [Read more...] about CrowdStrike Named a Leader in 2024 Frost Radar for Cloud-Native Application Protection
FSB Uses Trojan App to Monitor Russian Programmer Accused of Supporting Ukraine
Dec 06, 2024Ravie LakshmananSpyware / Mobile Security A Russian programmer accused of donating money to Ukraine had his Android device secretly implanted with spyware by the Federal Security Service (FSB) after he was detained earlier this year. The findings come as part of a collaborative investigation by First Department and the University of Toronto's Citizen Lab. "The … [Read more...] about FSB Uses Trojan App to Monitor Russian Programmer Accused of Supporting Ukraine
Announcing Protection for AWS IAM Identity Center
As organizations scale their operations on Amazon Web Services (AWS), they must secure their identities and ensure all users have the correct permissions. AWS IAM Identity Center is built to simplify access management across multiple AWS accounts — a critical tool for rapidly growing AWS environments. This hub for identity data and processes demands strong protection against … [Read more...] about Announcing Protection for AWS IAM Identity Center
How to guard against webcam and microphone tracking
Just a decade ago, people who taped over their webcam were seen as a little eccentric, shall we say. Fast forward to today, and many laptop models feature a built-in privacy shutter that lets you cover the webcam with a single swipe. Useful, yes – but if the mic is still on, the overall benefit is less clear. Is it still worth covering your webcam in 2024, or is such practice a … [Read more...] about How to guard against webcam and microphone tracking