Author: Admin
January 10, 2025 | Ravi Lakshmanan | Crypto mining / Malware
Cybersecurity firm CrowdStrike is warning of a phishing campaign using its own brand to distribute a cryptocurrency miner disguised as an employee CRM application as part of an alleged recruitment process. “The attack begins with a phishing email that mimics CrowdStrike recruitment, directing recipients to a malicious website,” the company said in a statement. “Victims are encouraged to download and run a fake application that serves as a bootloader for the XMRig cryptominer.” The Texas-based company said it discovered the malicious campaign on January 7, 2025, and that it was “aware of…
January 10, 2025 | Ravi Lakshmanan | Cyber espionage / Cyber attack
Mongolia, Taiwan, Myanmar, Vietnam and Cambodia were targeted by the China-linked RedDelta threat actor to deliver a customized version of the PlugX backdoor between July 2023 and December 2024. “The group used eye-catching documents on Taiwan’s 2024 presidential candidate Terry Gou, Vietnam’s national holidays, flood protection in Mongolia and invitations to meetings, including the Association of Southeast Asian Nations (ASEAN) meeting,” Recorded Future's Insikt Group said in a new analysis. The threat actor is believed to have compromised the Ministry of Defense of Mongolia in August 2024 and the Communist Party of Vietnam…
January 10, 2025 | Ravi Lakshmanan | Artificial Intelligence / Cybercrime
Cybersecurity researchers have shed light on a nascent family of artificial intelligence (AI) ransomware called FunkSec, which originated in late 2024 and has claimed more than 85 victims to date. “The group uses a two-pronged extortion tactic, combining data theft with encryption to force victims to pay the ransom,” Check Point Research said in a new report shared with The Hacker News. “Notably, FunkSec demanded unusually low ransoms, sometimes as low as $10,000, and sold the stolen data to third parties at discounted prices.” FunkSec launched its Data Leakage Site (DLS) in December 2024…
Cybersecurity reporting is an important but often overlooked capability for service providers who manage cybersecurity for their customers, and in particular for virtual chief information security officers (vCISOs). While reporting is seen as a requirement for tracking cybersecurity progress, it’s often bogged down with technical jargon, complex data, and disjointed spreadsheets that don’t resonate with decision makers. The result? Clients who struggle to understand the value of your work and remain insecure about their safety. But what if reporting could be turned into a strategic tool for aligning cybersecurity with business goals? What if your reports empowered customers, built trust,…
January 10, 2025 | Ravi Lakshmanan | Cyber Security / Android
Cybersecurity researchers have detailed a now-patched security flaw affecting the Monkey's Audio (APE) decoder on Samsung smartphones that can lead to code execution. The high-severity vulnerability, tracked as CVE-2024-49415 (CVSS score: 8.1), affects Samsung devices running Android versions 12, 13, and 14. “Out-of-bounds writing in libsaped.so before SMR Dec-2024 Release 1 allows remote attackers to execute arbitrary code,” Samsung said in an advisory for the flaw published in December 2024 as part of its monthly security updates. “Patch adds proper input validation.” Google Project Zero researcher Natalie Silvanovich, who discovered and reported the flaw, described…
Network segmentation remains a critical security requirement, but organizations struggle with traditional approaches that require large hardware investments, complex policy management, and disruptive network changes. The healthcare and manufacturing sectors face particular challenges as they integrate a variety of endpoints into their production networks, from legacy medical devices to IoT sensors. These devices often lack robust security hardening, creating significant vulnerabilities that traditional segmentation solutions struggle to address. Elisity aims to address these challenges with an innovative approach that leverages existing network infrastructure while providing identity-based micro-segmentation at the network edge. Rather than requiring new hardware, agents, or complex network…
January 9, 2025 | Ravi Lakshmanan | Endpoint Vulnerability / Security
Palo Alto Networks has released software patches to address several security flaws in its Expedition migration tool, including a high-severity flaw that an authenticated attacker could use to gain access to sensitive data. “Several vulnerabilities in the Palo Alto Networks Expedition migration tool could allow an attacker to read the contents of the Expedition database and arbitrary files, and to create and delete arbitrary files on the Expedition system,” the company said in an advisory. “These files include information such as usernames, plaintext passwords, device configurations, and device API…
As SaaS vendors look to integrate AI into their product offerings to stay competitive and relevant, a new challenge has emerged in the AI world: shadow AI. Shadow AI refers to the unauthorized use of AI tools and co-pilots within organizations. For example, a developer using ChatGPT to help write code, a salesperson downloading an AI-powered meeting transcription tool, or a customer service representative using Agentic AI to automate tasks—without going through the appropriate channels. When these tools are used without IT or security’s knowledge, they often lack security controls, putting company data at risk. Problems with the detection of…
January 9, 2025 | Ravi Lakshmanan
Cybersecurity researchers have discovered a new, stealthier version of the macOS-targeting malware called Banshee Stealer. “Once thought to be broken after the source code was leaked in late 2024, this new iteration introduces advanced string encryption inspired by Apple’s XProtect,” Check Point Research said in a new analysis shared with The Hacker News. “This development bypasses antivirus systems, posing a significant risk to more than 100 million macOS users worldwide.” The cybersecurity firm said it discovered the new version in late September 2024, when the malware was distributed using phishing websites and fake GitHub…
January 9, 2025 | The Hacker News | Data Protection / Encryption
Ransomware isn’t slowing down; it’s getting smarter. Encryption, designed to keep our online lives safe, is now being used by cybercriminals to hide malware, steal data and avoid detection. The result? A 10.3% spike in encrypted attacks over the past year and some of the most shocking ransom payments in history, including a $75 million ransom in 2024. Are you ready to fight back? Join Emily Laufer, director of product marketing at Zscaler, for an introductory session, “Preparing for ransomware and encrypted attacks in 2025,” filled with practical ideas and cutting-edge strategies to outsmart these…