Dec 05, 2024Ravie LakshmananCryptocurrency / Mobile Security As many as 77 banking institutions, cryptocurrency exchanges, and national organizations have become the target of a newly discovered Android remote access trojan (RAT) called DroidBot. "DroidBot is a modern RAT that combines hidden VNC and overlay attack techniques with spyware-like capabilities, such as keylogging … [Read more...] about This $3,000 Android Trojan Targeting Banks and Cryptocurrency Exchanges
Security
The Rise of Cross-Domain Attacks Demands a Unified Defense
Modern adversaries are quiet. No longer reliant on clunky malware to breach their targets, they have adopted more subtle and effective methods to infiltrate businesses, move laterally and access critical applications, steal data, impersonate users and more. They are also gaining speed: The average eCrime breakout time, now just 62 minutes, has fallen in recent years as … [Read more...] about The Rise of Cross-Domain Attacks Demands a Unified Defense
CrowdStrike Showcases Cloud Security Innovation and Leadership at AWS re:Invent
Together, these innovations deliver a unified, proactive approach to protecting cloud environments and providing the full context needed to stay ahead of emerging threats. CrowdStrike Achieves AWS AI Competencies AWS GenAI Competency: CrowdStrike has achieved the AWS Generative AI Competency, distinguishing us as a leader in advancing generative AI solutions that … [Read more...] about CrowdStrike Showcases Cloud Security Innovation and Leadership at AWS re:Invent
Russia-Linked Turla Exploits Pakistani Hackers’ Servers to Target Afghan and Indian Entities
The Russia-linked advanced persistent threat (APT) group known as Turla has been linked to a previously undocumented campaign that involved infiltrating the command-and-control (C2) servers of a Pakistan-based hacking group named Storm-0156 to conduct its own operations since 2022. The activity, first observed in December 2022, is the latest instance of the nation-state … [Read more...] about Russia-Linked Turla Exploits Pakistani Hackers’ Servers to Target Afghan and Indian Entities
Transforming Cybersecurity for Small Businesses
Small business owners are wearing more hats than ever before. Along with managing operations, sales, innovation, customer satisfaction and more, they must also stay on top of trends that can affect their business trajectory — including cybersecurity and the ever-evolving range of cyber threats. Managing cybersecurity can create unnecessary complexity, especially for a … [Read more...] about Transforming Cybersecurity for Small Businesses
CrowdStrike Falcon Prevents Multiple Vulnerable Driver Attacks in Real-World Intrusion
Over the last 18 months, bring your own vulnerable driver (BYOVD) attacks have escalated significantly as adversaries attempt to bypass endpoint detection and response (EDR) products including the CrowdStrike Falcon® sensor. BYOVD attacks involve an adversary writing to disk and loading a kernel driver with known vulnerabilities that is then abused to perform privileged … [Read more...] about CrowdStrike Falcon Prevents Multiple Vulnerable Driver Attacks in Real-World Intrusion
Cisco Warns of Exploitation of Decade-Old ASA WebVPN Vulnerability
Dec 03, 2024Ravie LakshmananVulnerability / Network Security Cisco on Monday updated an advisory to warn customers of active exploitation of a decade-old security flaw impacting its Adaptive Security Appliance (ASA). The vulnerability, tracked as CVE-2014-2120 (CVSS score: 4.3), concerns a case of insufficient input validation in ASA's WebVPN login page that could allow an … [Read more...] about Cisco Warns of Exploitation of Decade-Old ASA WebVPN Vulnerability
Falcon Identity Protection Expanded with AD Auditing
Identity is the new battleground in today’s rapidly evolving cyber threat landscape. Microsoft Active Directory (AD), a cornerstone of enterprise identity management, is a frequent target for attackers. For organizations, protecting these critical environments without adding complexity is essential. Many organizations struggle to get full visibility into changes made … [Read more...] about Falcon Identity Protection Expanded with AD Auditing
Attackers target sellers on message boards
Large online marketplaces do what they can to combat fraud, but cybercriminals remain one step ahead when it comes to scamming both buyers and sellers. This year has seen the rise of an online video-call scam where fake buyers ask for a video-demo of a product, during which they swipe one-time codes. Here’s all about this scheme — in four acts. Act one. Suspicion A seller of a … [Read more...] about Attackers target sellers on message boards
A Guide to Securing AI App Development: Join This Cybersecurity Webinar
Dec 02, 2024The Hacker NewsAI Security / Data ProtectionArtificial Intelligence (AI) is no longer a far-off dream—it's here, changing the way we live. From ordering coffee to diagnosing diseases, it's everywhere. But while you're creating the next big AI-powered app, hackers are already figuring out ways to break it. Every AI app is an opportunity—and a potential risk. The … [Read more...] about A Guide to Securing AI App Development: Join This Cybersecurity Webinar