The threat actor known as Blind Eagle has been linked to a series of ongoing campaigns targeting Colombian institutions and government entities since November 2024. "The monitored campaigns targeted Colombian judicial institutions and other government or private organizations, with high infection rates," Check Point said in a new analysis. "More than 1,600 victims were affected … [Read more...] about Blind Eagle Hacks Colombian Institutions Using NTLM Flaw, RATs and GitHub-Based Attacks
Security
Researchers Expose New Polymorphic Attack That Clones Browser Extensions to Steal Credentials
Mar 10, 2025Ravie LakshmananCybersecurity / Malware Cybersecurity researchers have demonstrated a novel technique that allows a malicious web browser extension to impersonate any installed add-on. "The polymorphic extensions create a pixel perfect replica of the target's icon, HTML popup, workflows and even temporarily disables the legitimate extension, making it extremely … [Read more...] about Researchers Expose New Polymorphic Attack That Clones Browser Extensions to Steal Credentials
How Industry Leaders are Stopping Identity Attacks
The CrowdStrike 2025 Global Threat Report highlights the ongoing threat of identity-based attacks. Adversaries are increasingly exploiting stolen credentials to evade detection, and 79% of detections overall were classified as malware-free. Valid account abuse became the primary initial access method in 35% of cloud intrusions. The report also shares that access broker … [Read more...] about How Industry Leaders are Stopping Identity Attacks
Cisco’s Frontier in Cybersecurity Solutions
The widespread adoption of encryption began in the mid-1990s, coinciding with the internet’s rapid growth and increasing popularity. Before encryption data was transmitted in plain text, making it vulnerable to interception by cybercriminals. The need for encryption became apparent as online activities expanded, requiring secure exchange of sensitive information like passwords … [Read more...] about Cisco’s Frontier in Cybersecurity Solutions
FIN7, FIN8, and Others Use Ragnar Loader for Persistent Access and Ransomware Operations
Mar 07, 2025Ravie Lakshmanan Threat hunters have shed light on a "sophisticated and evolving malware toolkit" called Ragnar Loader that's used by various cybercrime and ransomware groups like Ragnar Locker (aka Monstrous Mantis), FIN7, FIN8, and Ruthless Mantis (ex-REvil). "Ragnar Loader plays a key role in keeping access to compromised systems, helping attackers stay in … [Read more...] about FIN7, FIN8, and Others Use Ragnar Loader for Persistent Access and Ransomware Operations
Microsoft Warns of Malvertising Campaign Infecting Over 1 Million Devices Worldwide
Mar 07, 2025Ravie LakshmananMalvertising / Open Source Microsoft has disclosed details of a large-scale malvertising campaign that's estimated to have impacted over one million devices globally as part of what it said is an opportunistic attack designed to steal sensitive information. The tech giant, which detected the activity in early December 2024, is tracking it under the … [Read more...] about Microsoft Warns of Malvertising Campaign Infecting Over 1 Million Devices Worldwide
Learn How ASPM Transforms Application Security from Reactive to Proactive
Mar 07, 2025The Hacker NewsSoftware Security / AppSec Are you tired of dealing with outdated security tools that never seem to give you the full picture? You're not alone. Many organizations struggle with piecing together scattered information, leaving your apps vulnerable to modern threats. That's why we're excited to introduce a smarter, unified approach: Application … [Read more...] about Learn How ASPM Transforms Application Security from Reactive to Proactive
The digital illusion: millennials and online safety risks
Millennials have grown up alongside the rise of social media and digital communication – and in many ways appear to be the most tech-savvy generation. However, our latest research reveals a concerning reality: 70 percent of millennials rarely verify the authenticity of the people they engage with online, leaving them vulnerable to cyberrisks such as identity fraud, … [Read more...] about The digital illusion: millennials and online safety risks
Cisco Live Melbourne SOC Report
Executive Summary Cisco has long provided security services for third party events such as the Black Hat and RSA Conferences, as well as the Super Bowl and the Olympic games. These services come in the form of products (Cisco Security Cloud capabilities, including Umbrella, XDR, Malware Analytics, etc. plus Splunk Enterprise Security); and skilled Security Operations Centre … [Read more...] about Cisco Live Melbourne SOC Report
Next-Generation Malware Classification Using Binary Transformers
CrowdStrike researchers have developed a next-gen method to train byte-based Transformer blocks that help models “understand” malware files rather than rely on detecting the presence of markersDuring testing, Binary Transformers significantly outperformed traditionally trained models in differentiating between benign and malicious code samplesThe results demonstrate the … [Read more...] about Next-Generation Malware Classification Using Binary Transformers