Malware

UX Design and Research for AI-Driven Products with Rubrik User Researcher Tianmi Fang

In this video, we delve into the design process of Rubrik Ruby, your generative AI-powered cyber recovery companion, and how it addresses real user problems for security and IT teams. We took a different approach by focusing on understanding user pain points and leveraging the power of AI to provide solutions. One of Ruby's key benefits is its ability to automate repetitive tasks, freeing up your time and energy. Ruby utilizes AI and automation to prioritize overwhelming information, ensuring that you get what you need when you need it.

How to Create a Ransomware Recovery Plan & Prevent Attacks

Ransomware isn’t just a threat—it’s a harsh reality facing IT professionals in many industries. And while Kubernetes and OpenShift are powerful platforms for modern infrastructure, they introduce unique complexities that cybercriminals can exploit. The fallout from a successful attack is well documented: significant financial loss, operational downtime, and potential damage to your organization’s reputation.

Understanding an 0ktapus Phishing Campaign

The recent surge in phishing attacks capable of bypassing multi-factor authentication (MFA) has raised significant concerns in the cybersecurity landscape. These attacks highlight the fact that even systems protected by MFA have vulnerabilities, making it imperative for organizations to stay vigilant and not rely on a single control as a silver bullet. One such campaign, known as 0ktapus, provides a crucial case study in understanding the methods and impacts of these phishing attacks.

New "Paste and Run" Phishing Technique Makes CTRL-V A Cyber Attack Accomplice

A new phishing campaign tries to trick email recipients into pasting and executing malicious commands on their system that install DarkGate malware. Security researchers at AhnLab have discovered a new phishing campaign that leverages a unique user interaction. Normally, phishing campaigns simply need users to open an HTML attachment.

Volcano Demon Ransomware Group Uses Phone Calls for Direct Extortion

A newly identified ransomware group, "Volcano Demon," has emerged, targeting executives directly with threatening phone calls instead of the typical data leak sites. Over the past two weeks, this group has carried out several attacks, deploying a unique ransomware variant known as “LukaLocker,” according to a report from Halcyon. LukaLocker Ransomware Attack Overview: Volcano Demon’s ransomware, LukaLocker, encrypts files with a .nba extension.

CLEARFAKE Update Tricks Victim into Executing Malicious PowerShell Code

CLEARFAKE is the term used to describe the malicious in-browser JavaScript framework deployed on compromised webpages as part of drive-by compromise campaigns to deliver information stealers. It has the potential to impact all sectors. Although the CLEARFAKE fake browser update campaign (which was initially identified in Q2 2023) originally targeted Windows users, it expanded to macOS users in Q4 2023.

New Exploit in Microsoft MSHTML Delivers MerkSpy Spyware Tool

A newly discovered spyware tool named MerkSpy is targeting users in Canada, India, Poland, and the U.S., exploiting a patched security flaw in Microsoft MSHTML. This campaign, identified by Foresiet researchers, highlights the critical need for vigilant cybersecurity practices, including stolen credentials detection, darknet monitoring services, and digital footprint analysis. Attack Overview: The attack begins with a Microsoft Word document disguised as a job description for a software engineer.

Massive Supply-Chain Ransomware Attack Cripples Thousands of Car Dealerships

A widespread ransomware attack has brought thousands of car dealerships across the United States to a halt. The incident, attributed to the BlackSuit ransomware gang, targeted CDK Global, a software provider essential to the operations of numerous car dealerships. This breach underscores the critical need for robust cybersecurity measures such as stolen credentials detection, darknet monitoring services, and digital footprint analysis.