Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Malware

Ransomware Gangs Evolve: They're Now Recruiting Penetration Testers

A new and concerning cybersecurity trend has emerged. According to the latest Q3 2024 Cato CTRL SASE Threat Report from Cato Networks, ransomware gangs are now actively recruiting penetration testers to enhance the effectiveness of their attacks. This development signals a significant shift in the tactics employed by cybercriminals and underscores the need for organizations to remain vigilant in their defense strategies.

Python NodeStealer Targets Facebook Ads Manager with New Techniques

In September 2024, Netskope Threat Labs reported a Python-based NodeStealer targeting Facebook business accounts. NodeStealer collects Facebook and other credentials stored in the browser and its cookie data. For over a year, we have tracked and discovered multiple variants of this infostealer. It is now targeting new victims and extracting new information using new techniques. In this blog post, we will dissect the development of the Python NodeStealer from multiple samples in the wild.

Unveiling LIMINAL PANDA: A Closer Look at China's Cyber Threats to the Telecom Sector

On Tuesday, November 19, 2024, Adam Meyers, CrowdStrike Senior Vice President of Counter Adversary Operations, will testify in front of the U.S. Senate Judiciary Subcommittee on Privacy, Technology, and the Law on Chinese cyber threats to critical infrastructure. Within his testimony, Adam will speak publicly for the first time about a China-nexus state-sponsored actor that CrowdStrike Counter Adversary Operations tracks as LIMINAL PANDA.

DSPM vs DLP: Unraveling the Differences

In this episode of Into the Breach, James Purvis and Drew Russell discuss the key differences between Data Loss Prevention (DLP) and Data Security Posture Management (DSPM). Drew explains that while DLP focuses on perimeter security, DSPM secures data at rest, offering a more proactive approach. Using a clever analogy, Drew illustrates how DSPM prevents issues before they occur, unlike DLP's reactive measures. They conclude by highlighting how both can work together to enhance data security.

Akira Ransomware: Published Over 30 New Victims on their DLS

The Akira ransomware group has been active since March 2023, targeting diverse industries across North America, the UK, and Australia. Operating as a Ransomware-as-a-Service (RaaS) model, Akira employs a double-extortion strategy by stealing sensitive data before encrypting it. According to their leak site, the group claims to have compromised over 350 organizations.