Tag: network security
‘Our program is unique because it integrates three distinct roles, each addressing a critical aspect of partnership success,’ says Todyl CEO John Nellen. ‘We’re excited about the potential this program has to scale our partners’ businesses and enhance their security capabilities.’ Todyl has launched its revamped partner program “from the ground up” to better align…
Read More
The threat actor known as CosmicBeetle has debuted a new custom ransomware strain called ScRansom in attacks targeting small- and medium-sized businesses (SMBs) in Europe, Asia, Africa, and South America, while also likely working as an affiliate for RansomHub. “CosmicBeetle replaced its previously deployed ransomware, Scarab, with ScRansom, which is continually improved,” ESET researcher Jakub…
Read More
Oracle and AWS unveiled the partnership just ahead of Oracle’s first fiscal quarter earnings call, during which Oracle Chairman and CTO Larry Ellison gave a bullish account of the AI market. Oracle has inked a partnership with Amazon Web Services, creating Oracle Database@AWS, and revealed the general availability of Oracle Database@Google Cloud as the artificial…
Read More
Sep 10, 2024Ravie LakshmananMalware / Cyber Espionage A trio of threat activity clusters linked to China has been observed compromising more government organizations in Southeast Asia as part of a renewed state-sponsored operation codenamed Crimson Palace, indicating an expansion in the scope of the espionage effort. Cybersecurity firm Sophos, which has been monitoring the cyber…
Read More
A new side-channel attack dubbed PIXHELL could be abused to target air-gapped computers by breaching the “audio gap” and exfiltrating sensitive information by taking advantage of the noise generated by the pixels on the screen. “Malware in the air-gap and audio-gap computers generates crafted pixel patterns that produce noise in the frequency range of 0…
Read More
Shadow apps, a segment of Shadow IT, are SaaS applications purchased without the knowledge of the security team. While these applications may be legitimate, they operate within the blind spots of the corporate security team and expose the company to attackers. Shadow apps may include instances of software that the company is already using. For…
Read More
Sep 10, 2024Ravie LakshmananCyber Attack / Malware The threat actor tracked as Mustang Panda has refined its malware arsenal to include new tools in order to facilitate data exfiltration and the deployment of next-stage payloads, according to new findings from Trend Micro. The cybersecurity firm, which is monitoring the activity cluster under the name Earth…
Read More
TD Synnex, Skyhigh Security, Leidos, Microsoft, NetApp and Salesforce were among the tech companies making key executive hires and moves in August 2024. A chief information security officer at TD Synnex. A chief technology officer at Skyhigh Security. And a chief data officer at Leidos. Alicia Lynch, formerly with Cognizant; Steve Tait, formerly with Snow…
Read More
Sep 09, 2024Ravie LakshmananVulnerability / Hardware Security A novel side-channel attack has been found to leverage radio signals emanated by a device’s random access memory (RAM) as a data exfiltration mechanism, posing a threat to air-gapped networks. The technique has been codenamed RAMBO by Dr. Mordechai Guri, the head of the Offensive Cyber Research Lab…
Read More
Sep 09, 2024Ravie LakshmananCyber Espionage / Malware The China-linked advanced persistent threat (APT) group known as Mustang Panda has been observed weaponizing Visual Studio Code software as part of espionage operations targeting government entities in Southeast Asia. “This threat actor used Visual Studio Code’s embedded reverse shell feature to gain a foothold in target networks,”…
Read More