New Tria stealer intercepts text messages on Android
Getting married is certainly one of the most important events in anyone’s life. And in many cultures, it’s customary to invite hundreds of guests to the celebration — including some you barely know. Cybervillains take advantage of such traditions, using wedding invitations as bait to launch attacks on Android smartphone users. Here’s what threat actors have come up with this …
768 CVEs Exploited in 2024, Reflecting a 20% Increase from 639 in 2023
Feb 03, 2025 | Ravie Lakshmanan | Vulnerability / Network Security
As many as 768 vulnerabilities with designated CVE identifiers were reported as exploited in the wild in 2024, up from 639 CVEs in 2023, registering a 20% increase year-over-year. Describing 2024 as "another banner year for threat actors targeting the exploitation of vulnerabilities," VulnCheck said 23.6% of known …
AI Cyber Threat Intelligence Roundup: January 2025
At Cisco, AI threat research is fundamental to informing the ways we evaluate and protect models. In a space that is so dynamic and evolving so rapidly, these efforts help ensure that our customers are protected against emerging vulnerabilities and adversarial techniques. This regular threat roundup consolidates some useful highlights and critical intel from ongoing …
U.S. and Dutch Authorities Dismantle 39 Domains Linked to BEC Fraud Network
Feb 01, 2025 | Ravie Lakshmanan | Cybercrime / Fraud Prevention
U.S. and Dutch law enforcement agencies have announced that they have dismantled 39 domains and their associated servers as part of efforts to disrupt a network of online marketplaces originating from Pakistan. The action, which took place on January 29, 2025, has been codenamed Operation Heart Blocker. The vast array …
BeyondTrust Zero-Day Breach Exposed 17 SaaS Customers via Compromised API Key
Feb 01, 2025 | Ravie Lakshmanan | Vulnerability / Zero-Day
BeyondTrust has revealed it completed an investigation into a recent cybersecurity incident that targeted some of the company's Remote Support SaaS instances by making use of a compromised API key. The company said the breach involved 17 Remote Support SaaS customers and that the API key was used to enable unauthorized …
Using AI to Simplify Cloud Configuration Drift Detection
Cloud environments are dynamic by nature; they frequently change and update configurations. Unless these changes are carefully tracked, they could lead to configuration drift, a situation in which the runtime state of a resource deviates from its intended baseline configuration. Configuration drift can have severe consequences, potentially introducing security vulnerabilities, …
Evaluating Security Risk in DeepSeek
This original research is the result of close collaboration between AI security researchers from Robust Intelligence, now a part of Cisco, and the University of Pennsylvania, including Yaron Singer, Amin Karbasi, Paul Kassianik, Mahdi Sabbaghi, Hamed Hassani, and George Pappas. Executive Summary: This article investigates vulnerabilities in DeepSeek R1, a new frontier …
CISA and FDA Warn of Critical Backdoor in Contec CMS8000 Patient Monitors
Jan 31, 2025 | Ravie Lakshmanan | Vulnerability / Healthcare
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Food and Drug Administration (FDA) have issued alerts about the presence of hidden functionality in Contec CMS8000 patient monitors and Epsimed MN-120 patient monitors. The vulnerability, tracked as CVE-2025-0626, carries a CVSS v4 score of 7.7 on a …
How the Banshee stealer infects macOS users
Many macOS users believe their operating system is immune to malware, so they don’t need to take extra security precautions. In reality, it’s far from the truth, and new threats keep popping up. Are there viruses for macOS? Yes — and plenty of ’em. Here are some examples of Mac malware we’ve previously covered on Kaspersky Daily and Securelist: A crypto-wallet-stealing Trojan …
Top Threat Tactics and How to Address Them
Each quarter, Cisco Talos Incident Response publishes a summarized record of the notable trends from the cases they work. The attacks, techniques, and methodology that Talos observes help to shape and inform many of the protections that Cisco’s customers use on a regular basis. Part of their work in this area helps promote Talos’ principle of see once, block …