%term

Trojan Warning: Malware Identified in VAHAN PARIVAHAN.apk

May 28, 2024 By Foresiet In Foresiet

The Foresiet Threat Intelligence Team has recently conducted an in-depth analysis of an Android malware Trojan masquerading as the "VAHAN PARIVAHAN.apk" application. This trojan poses a significant threat to users by leveraging a backdoor, utilizing the Telegram API bot, and exploiting the services of GoDaddy.com LLC and Mark Monitor Inc. In this blog, we delve into the specifics of this malware, including its technical details, behavior, and potential impact on users.

Read Post

Foresiet

Read more about Trojan Warning: Malware Identified in VAHAN PARIVAHAN.apk

Significant Surge in Cyber Activity Targeting Upcoming Indian General Election

May 28, 2024 By Foresiet In Foresiet

Foresiet, your trusted cybersecurity partner, brings to light a dramatic increase in cyber activity aimed at disrupting the upcoming Indian general election. This uptick, primarily driven by various hacktivist groups, has led to the exposure of personal identifiable information (PII) of Indian citizens on the dark web. The election, which will be held in seven phases from April 19 to June 1, 2024, will elect all 543 members of the Lok Sabha, with results announced on June 4, 2024.

Read Post

Foresiet

Read more about Significant Surge in Cyber Activity Targeting Upcoming Indian General Election

ShrinkLocker: Turning BitLocker into Ransomware

May 28, 2024 By Foresiet In Foresiet

Attackers are continually developing sophisticated techniques to bypass defensive measures and achieve their goals. One highly effective approach involves exploiting the operating system's native features to evade detection and ensure compatibility. In the realm of ransomware threats, this can be seen in the use of the cryptographic functions within ADVAPI32.dll, such as CryptAcquireContextA, CryptEncrypt, and CryptDecrypt.

Read Post

Foresiet

Read more about ShrinkLocker: Turning BitLocker into Ransomware

Container Security: Protect your data with Calico Egress Access Controls

May 28, 2024 By Utpal Bhatt In Tigera

23andMe is a popular genetics testing company, which was valued at $6B in 2021. Unfortunately, there was a massive data breach in December 2023, which caused a steep decline in the company’s value and trust, plummeting the company to a penny stock. While this breach was not directly related to Kubernetes, the same risks apply to containers running in your Kubernetes environments.

Read Post

Tigera

Read more about Container Security: Protect your data with Calico Egress Access Controls

The basics of securing GenAI and LLM development

May 28, 2024 By Sean Pratt In JFrog

With the rapid adoption of AI-enabled services into production applications, it’s important that organizations are able to secure the AI/ML components coming into their software supply chain. The good news is that even if you don’t have a tool specifically for scanning models themselves, you can still apply the same DevSecOps best practices to securing model development.

Read Post

JFrog

Read more about The basics of securing GenAI and LLM development

CrowdStrike Brings Industry-Leading ITDR to All Major Cloud-Based Identity Providers

May 28, 2024 By Venu Shastri In CrowdStrike

Today, we’re announcing new capabilities of CrowdStrike Falcon Identity Protection to further strengthen our industry-leading identity threat detection and response (ITDR) technology and help customers secure their cloud-based identity environments from cyberattacks.

Read Post

CrowdStrike

Read more about CrowdStrike Brings Industry-Leading ITDR to All Major Cloud-Based Identity Providers

Navigating the NIS 2 Landscape - Part 1

May 28, 2024 By Kirk Jensen In WatchGuard

The European Union (EU) is taking a significant step forward in the fight against cybercrime by introducing the Network and Information Systems Directive 2, or NIS 2. This directive represents a major overhaul of cybersecurity regulations across the continent, aiming to bolster defenses against the ever-evolving threats of the digital age. In this first of four blog posts, we will introduce the basics of NIS 2.

Read Post

WatchGuard

Read more about Navigating the NIS 2 Landscape - Part 1

Understanding PCI DSS 4.0: What You Need to Know

May 28, 2024 By Jenny Buckingham In Veracode

If you're in a business that handles credit cards, you already know how crucial it is to keep that data secure. PCI DSS is a set of compliance requirements that ensure all companies handling cardholder data keep it secure. And that it's not just a good idea—it's a must. As cyber threats become more sophisticated, it's challenging to keep pace with complex security and compliance landscapes.

Read Post

Veracode

Read more about Understanding PCI DSS 4.0: What You Need to Know

Account Takeover, SQL Injection and DDoS Attack Simulation on APIs

May 28, 2024 By Indusface In Indusface

Overview: According to TechTarget, 94% of organizations experience security problems in production APIs, and one in five suffers a data breach. The primary reason is that most tech leaders assume that having a strong authentication and authorisation framework is enough to secure APIs. As a result, cyberattacks on APIs increased from 35% in 2022 to 46% in 2023, and this trend continues to rise. Join Karthik Krishnamoorthy, CTO and Vivekanand Gopalan Gopalan, VP of Products at Indusface, in this webinar as they demonstrate how APIs can be hacked.

View Video