Insider threats are among the most elusive and damaging forms of cybersecurity risk. According to the Ponemon Institute, 71% of organizations experienced between 21 and 41 insider incidents in 2023, up 67% over the previous year. The average annual cost of insider threats also climbed to $16.2 million per organization, the report found. Insider threats begin with … [Read more...] about CrowdStrike Insider Risk Services Defend Against the Threats Within
Security
Contributing to CISA’s JCDC AI Efforts
A few months ago this year, I wrote about an AI Security Incident tabletop exercise led by the Cybersecurity and Infrastructure Security Agency’s (CISA) Joint Cyber Defense Collaborative (JCDC). This exercise brought together industry leaders and government agencies. CISA used the insights gained from these exercises to develop an AI Security Incident Collaboration … [Read more...] about Contributing to CISA’s JCDC AI Efforts
Microsoft Uncovers macOS Vulnerability CVE-2024-44243 Allowing Rootkit Installation
Jan 14, 2025Ravie LakshmananEndpoint Security / Vulnerability Microsoft has shed light on a now-patched security flaw impacting Apple macOS that, if successfully exploited, could have allowed an attacker running as "root" to bypass the operating system's System Integrity Protection (SIP) and install malicious kernel drivers by loading third-party kernel extensions. The … [Read more...] about Microsoft Uncovers macOS Vulnerability CVE-2024-44243 Allowing Rootkit Installation
Navigate Cyber Threats with Cisco XDR: From Chaos to Clarity
In an era where cyber threats evolve at breakneck speed, organizations face unprecedented challenges in protecting their data, systems, and operations. The stakes have never been higher, with cyberattacks capable of disrupting critical services, compromising sensitive information, and inflicting severe financial and reputational damage. Cisco XDR (Extended Detection and … [Read more...] about Navigate Cyber Threats with Cisco XDR: From Chaos to Clarity
Hackers Exploit Aviatrix Controller Vulnerability to Deploy Backdoors and Crypto Miners
Jan 13, 2025Ravie LakshmananVulnerability / Cloud Security A recently disclosed critical security flaw impacting the Aviatrix Controller cloud networking platform has come under active exploitation in the wild to deploy backdoors and cryptocurrency miners. Cloud security firm Wiz said it's currently responding to "multiple incidents" involving the weaponization of … [Read more...] about Hackers Exploit Aviatrix Controller Vulnerability to Deploy Backdoors and Crypto Miners
Microsoft Sues Hacking Group Exploiting Azure AI for Harmful Content Creation
Jan 11, 2025Ravie LakshmananAI Security / Cybersecurity Microsoft has revealed that it's pursuing legal action against a "foreign-based threat–actor group" for operating a hacking-as-a-service infrastructure to intentionally get around the safety controls of its generative artificial intelligence (AI) services and produce offensive and harmful content. The tech giant's … [Read more...] about Microsoft Sues Hacking Group Exploiting Azure AI for Harmful Content Creation
DoJ Indicts Three Russians for Operating Crypto Mixers Used in Cybercrime Laundering
Jan 11, 2025Ravie LakshmananFinancial Crime / Cryptocurrency The U.S. Department of Justice (DoJ) on Friday indicted three Russian nationals for their alleged involvement in operating the cryptocurrency mixing services Blender.io and Sinbad.io. Roman Vitalyevich Ostapenko and Alexander Evgenievich Oleynik were arrested on December 1, 2024, in coordination with the … [Read more...] about DoJ Indicts Three Russians for Operating Crypto Mixers Used in Cybercrime Laundering
Google Project Zero Researcher Uncovers Zero-Click Exploit Targeting Samsung Devices
Jan 10, 2025Ravie LakshmananCybersecurity / Android Cybersecurity researchers have detailed a now-patched security flaw impacting Monkey's Audio (APE) decoder on Samsung smartphones that could lead to code execution. The high-severity vulnerability, tracked as CVE-2024-49415 (CVSS score: 8.1), affects Samsung devices running Android versions 12, 13, and 14. "Out-of-bounds … [Read more...] about Google Project Zero Researcher Uncovers Zero-Click Exploit Targeting Samsung Devices
CrowdStrike Strengthens Container Security with Registry Scanning
Organizations of all sizes require security tools to meet their complex hybrid cloud needs. As their cloud environments and workloads evolve, this includes solutions that can scan for vulnerabilities in container images regardless of their location across public and private cloud environments. The problem is, most organizations lack this capability. Many use tools that … [Read more...] about CrowdStrike Strengthens Container Security with Registry Scanning
Major Vulnerabilities Patched in SonicWall, Palo Alto Expedition, and Aviatrix Controllers
Jan 09, 2025Ravie LakshmananVulnerability / Endpoint Security Palo Alto Networks has released software patches to address several security flaws in its Expedition migration tool, including a high-severity bug that an authenticated attacker could exploit to access sensitive data. "Multiple vulnerabilities in the Palo Alto Networks Expedition migration tool enable an attacker … [Read more...] about Major Vulnerabilities Patched in SonicWall, Palo Alto Expedition, and Aviatrix Controllers