Feb 27, 2025Ravie LakshmananMalware / Threat Intelligence A new campaign is targeting companies in Taiwan with malware known as Winos 4.0 as part of phishing emails masquerading as the country's National Taxation Bureau. The campaign, detected last month by Fortinet FortiGuard Labs, marks a departure from previous attack chains that have leveraged malicious game-related … [Read more...] about Silver Fox APT Uses Winos 4.0 Malware in Cyber Attacks Against Taiwanese Organizations
organizations
How Elastic can help organizations achieve CMMC compliance
The Cybersecurity Maturity Model Certification (CMMC) is a framework established by the US Department of Defense (DoD) to ensure that organizations handling Controlled Unclassified Information (CUI) implement robust cybersecurity measures. As CMMC becomes a key requirement for defense contractors, higher education institutions engaged in research or contracts with the DoD must … [Read more...] about How Elastic can help organizations achieve CMMC compliance
Iranian Hackers Deploy WezRat Malware in Attacks Targeting Israeli Organizations
Nov 15, 2024Ravie LakshmananCyber Espionage / Malware Cybersecurity researchers have shed light on a new remote access trojan and information stealer used by Iranian state-sponsored actors to conduct reconnaissance of compromised endpoints and execute malicious commands. Cybersecurity company Check Point has codenamed the malware WezRat, stating it has been detected in the … [Read more...] about Iranian Hackers Deploy WezRat Malware in Attacks Targeting Israeli Organizations
New StrelaStealer Phishing Attacks Hit Over 100 Organizations in E.U. and U.S.
Cybersecurity researchers have detected a new wave of phishing attacks that aim to deliver an ever-evolving information stealer referred to as StrelaStealer. The campaigns impact more than 100 organizations in the E.U. and the U.S., Palo Alto Networks Unit 42 researchers said in a new report published today. "These campaigns come in the form of spam emails with attachments that … [Read more...] about New StrelaStealer Phishing Attacks Hit Over 100 Organizations in E.U. and U.S.
Agent Racoon Backdoor Targets Organizations in Middle East, Africa, and U.S.
Dec 02, 2023Newsroom Organizations in the Middle East, Africa, and the U.S. have been targeted by an unknown threat actor to distribute a new backdoor called Agent Racoon. "This malware family is written using the .NET framework and leverages the domain name service (DNS) protocol to create a covert channel and provide different backdoor functionalities," Palo Alto Networks … [Read more...] about Agent Racoon Backdoor Targets Organizations in Middle East, Africa, and U.S.
API Security Trends 2023 – Have Organizations Improved their Security Posture?
Oct 03, 2023The Hacker NewsAPI Security / Data Security APIs, also known as application programming interfaces, serve as the backbone of modern software applications, enabling seamless communication and data exchange between different systems and platforms. They provide developers with an interface to interact with external services, allowing them to integrate various … [Read more...] about API Security Trends 2023 – Have Organizations Improved their Security Posture?
Empowering Organizations with Enhanced Security
Aug 05, 2023The Hacker NewsManaged Detection and Response Managed Detection and Response (MDR) has emerged as a crucial solution for organizations looking to bolster their security measures. MDR allows businesses to outsource the management of Endpoint Detection and Response (EDR) products deployed across their network domain. With real-time threat-hunting capabilities, MDR … [Read more...] about Empowering Organizations with Enhanced Security
Microsoft Bug Allowed Hackers to Breach Over Two Dozen Organizations via Forged Azure AD Tokens
Jul 15, 2023THNCyber Attack / Enterprise Security Microsoft on Friday said a validation error in its source code allowed for Azure Active Directory (Azure AD) tokens to be forged by a malicious actor known as Storm-0558 using a Microsoft account (MSA) consumer signing key to breach two dozen organizations. "Storm-0558 acquired an inactive MSA consumer signing key and used it … [Read more...] about Microsoft Bug Allowed Hackers to Breach Over Two Dozen Organizations via Forged Azure AD Tokens
New Report Reveals Shuckworm’s Long-Running Intrusions on Ukrainian Organizations
Jun 15, 2023Ravie LakshmananCyber War / Threat Intel The Russian threat actor known as Shuckworm has continued its cyber assault spree against Ukrainian entities in a bid to steal sensitive information from compromised environments. Targets of the recent intrusions, which began in February/March 2023, include security services, military, and government organizations, Symantec … [Read more...] about New Report Reveals Shuckworm’s Long-Running Intrusions on Ukrainian Organizations
A World of Secure, Resilient Organizations
It’s Partner Summit week and, for me, it’s an important reminder that no one company, not even Cisco, can do it alone. Our partners provide diverse perspectives, expertise, and solutions offerings. Each partner plays a key part in delivering the outcomes and experiences our customers need, want, and expect. So, when we say, “Let’s Own It”, it’s a rally cry for Cisco and our … [Read more...] about A World of Secure, Resilient Organizations