BotGuard Raises $13 Million to Protect Against Harmful Web Traffic

March 14, 2024 at 10:51AM BotGuard OU has raised €12 million (~$13.1 million) in a Series A funding round, led by MMC Ventures, Tera Ventures, Expeditions Fund, and angel investors. The Estonia-based company offers an AI-driven solution to filter web traffic, mitigate threats, and reduce management costs. The investment will support technology advancement and team … Read more

Zscaler Acquires Avalor for $350 Million

March 14, 2024 at 10:51AM Zscaler has acquired Israeli startup Avalor, for a reported $350 million in cash. The deal closed on March 13, 2024. Avalor specializes in risk management platform with Data Fabric for Security. The acquisition will enable Zscaler to provide real-time, AI-driven cybersecurity insights and threat prevention. Avalor emerged from stealth mode … Read more

Windows SmartScreen Bypass Flaw Exploited to Drop DarkGate RAT

March 14, 2024 at 10:28AM Attackers are using Google redirects in a phishing attack, exploiting a patched vulnerability to spread multifaceted malware. Based on the meeting notes, the key takeaway is that attackers are utilizing Google redirects in their phishing attacks, taking advantage of a previously patched vulnerability to distribute complex malware. Full Article

How to Identify a Cyber Adversary: What to Look For

March 14, 2024 at 10:07AM Attributing a cyber incident to a specific threat actor involves multiple factors. Based on the meeting notes, it is clear that attributing a cyber incident to a specific threat actor is a complex task with many factors involved. Full Article

French unemployment agency data breach impacts 43 million people

March 14, 2024 at 09:37AM France Travail, formerly known as Pôle Emploi, disclosed a cyberattack that compromised personal details of 43 million individuals, including job seekers and individuals with a job candidate profile. The breach exposed sensitive information like full names, dates of birth, and social security numbers. The agency warns of identity theft and … Read more

Microsoft Copilot for Security Official Launch Date Announced

March 14, 2024 at 09:15AM Microsoft’s Copilot for Security, using generative AI, will be available globally starting April 1, 2024, following an invite-only program. It enhances security professionals’ capabilities by assisting in incident response, threat hunting, posture management, and intelligence collection using natural language interaction. The solution is based on OpenAI architecture with access to … Read more

Nissan confirms ransomware attack exposed data of 100,000 people

March 14, 2024 at 09:08AM Nissan Oceania has disclosed a cyberattack in December 2023, attributed to the Akira ransomware operation, affecting 100,000 people. Stolen data includes personal employee information, government IDs, and other personal details. Nissan plans to notify impacted individuals, offering support services and urging vigilance against potential fraudulent activities. From the meeting notes, … Read more

Nissan Data Breach Affects 100,000 Individuals

March 14, 2024 at 06:09AM Nissan Oceania has notified 100,000 people of a data breach caused by a ransomware attack in late 2023. The breach impacted Nissan Motor Corporation, Nissan Financial Services, and other affiliated brands’ customers, dealers, and employees. The stolen information includes government identification and personal details. Nissan is providing identity theft and … Read more

Ande Loader Malware Targets Manufacturing Sector in North America

March 14, 2024 at 04:21AM Blind Eagle threat actor employs Ande Loader to distribute RATs, targeting Spanish-speaking users in the North American manufacturing industry through phishing emails. This expansion includes leveraging RAR and BZ2 archives to activate the infection chain. Additionally, an alternative attack sequence via Discord CDN link distributes NjRAT. Crypters written by Roda … Read more

Hackers exploit Windows SmartScreen flaw to drop DarkGate malware

March 14, 2024 at 02:23AM DarkGate malware exploits a fixed Windows Defender SmartScreen flaw to install fake software, overcoming security checks. This flaw, tracked as CVE-2024-21412, allows attackers to execute files automatically. Trend Micro reports that DarkGate operators are using this vulnerability to enhance infection rates. The campaign involves a multi-step infection chain and employs … Read more