Cisco is honored to be a partner of the Black Hat NOC (Network Operations Center), as the Official Security Cloud Provider. This was our 9th year supporting Black Hat Asia. We work with other official providers to bring the hardware, software and engineers to build and secure the Black Hat network: Arista, Corelight, MyRepublic and Palo Alto Networks. The primary mission …
Lazarus Hits 6 South Korean Firms via Cross EX, Innorix Flaws and ThreatNeedle Malware
Apr 24, 2025 | Ravie Lakshmanan | Malware / Threat Intelligence
At least six organizations in South Korea have been targeted by the prolific North Korea-linked Lazarus Group as part of a campaign dubbed Operation SyncHole. The activity targeted South Korea's software, IT, financial, semiconductor manufacturing, and telecommunications industries, according to a report from Kaspersky …
Detecting privileged access activity: A new Kibana integration
The new advanced detection analytics package to detect privileged access activity
Privileged accounts are a prime target for attackers, often exploited to accelerate access and move laterally within networks. Given the prevalence of access brokers who satisfy a nearly endless demand for stolen credentials, organizations need robust detection mechanisms to identify suspicious …
CrowdStrike Falcon for IT Adds Endpoint Automation Capabilities
Today, CrowdStrike is releasing automated baseline enforcement and remediation in CrowdStrike Falcon® for IT to secure misconfigured devices and consistently address vulnerabilities across endpoints. Operators can now centrally manage and enforce endpoint configurations across platforms to support security and compliance efforts. Security and IT teams must ensure endpoints …
DPRK Hackers Steal $137M from TRON Users in Single-Day Phishing Attack
Apr 23, 2025 | Ravie Lakshmanan | Malware / Cryptocurrency
Multiple threat activity clusters with ties to North Korea (aka Democratic People's Republic of Korea or DPRK) have been linked to attacks targeting organizations and individuals in the Web3 and cryptocurrency space. "The focus on Web3 and cryptocurrency appears to be primarily financially motivated due to the heavy …
Does Your SSE Understand User Intent?
Enhanced Data Protection With AI Guardrails
With AI apps, the threat landscape has changed. Every week, we see customers asking questions like: How do I mitigate leakage of sensitive data into LLMs? How do I even discover all the AI apps and chatbots users are accessing? We saw how the Las Vegas Cybertruck bomber used AI, so how do we avoid toxic content generation? How …
iProVPN: 3-Year Subscription for $29
Expires April 23, 2026 06:59 PST. Buy now and get 90% off.
Key features: Seamlessly Connect, Browse & Access Anywhere with Confidence. Protect your digital privacy while surfing the web with iProVPN. The …
Docker Malware Exploits Teneo Web3 Node to Earn Crypto via Fake Heartbeat Signals
Apr 22, 2025 | Ravie Lakshmanan | IoT Security / Malware
Cybersecurity researchers have detailed a malware campaign that's targeting Docker environments with a previously undocumented technique to mine cryptocurrency. The activity cluster, per Darktrace and Cado Security, represents a shift from other cryptojacking campaigns that directly deploy miners like XMRig to illicitly …
CrowdStrike Falcon Privileged Access Secures Critical Hybrid Identity Environments
CrowdStrike is excited to announce CrowdStrike Falcon Privileged Access, a new offering within CrowdStrike Falcon® Identity Protection that uses high-fidelity risk signals to provide just-in-time access to organizations’ critical permissions and resources. Adversaries know valid credentials unlock access to data, infrastructure, and capabilities. Nearly 80% of attacks to …
How Cushman & Wakefield Secures Identities with Falcon Identity Protection
For years, Cushman & Wakefield’s security team knew that remote desktop protocol (RDP) access was a potential weak point, but enforcing multifactor authentication (MFA) for RDP was out of reach. The company’s legacy cybersecurity tools simply didn’t support it, leaving critical systems vulnerable to credential-based attacks. “We knew attackers target RDP as an easy …