November 21, 2023 at 02:06AM The China-linked cyber espionage group Mustang Panda targeted a Philippines government entity using legitimate software to sideload malicious files. Mustang Panda, also known as Bronze President and other aliases, is a Chinese advanced persistent threat (APT) that has been active since at least 2012. The group has targeted NGOs and … Read more
November 7, 2023 at 05:24AM October 2023 saw a total of 31 cybersecurity-related merger and acquisition (M&A) deals. Some notable acquisitions include Arctic Wolf’s acquisition of Revelstoke to enhance its security orchestration, automation, and response (SOAR) capabilities, and Okta’s acquisition of Uno to accelerate the release of its consumer password manager. Other acquisitions were made … Read more
November 6, 2023 at 12:30PM Palo Alto Networks is making big moves in the cloud data security space. After acquiring Dig Security for $400 million, they plan to spend $625 million to buy Talon Cyber Security. These acquisitions aim to strengthen Palo Alto’s product offerings and compete with rivals like Cisco. Talon’s browser technology will … Read more
November 1, 2023 at 03:49AM Turla, a Russia-linked hacking group, is using an updated version of a backdoor called Kazuar that emphasizes stealth and evasion techniques, according to Palo Alto Networks Unit 42. Kazuar, a .NET-based implant first discovered in 2017, has been improved by the threat actor behind the operation to enhance their attack … Read more
October 31, 2023 at 02:22PM Palo Alto Networks has announced its acquisition of Dig Security, an Israeli company specializing in Data Security Posture Management (DSPM) technology. Dig Security’s solution helps organizations protect sensitive data in the cloud, and it will be integrated into Palo Alto’s Prisma Cloud platform. Analysts see the acquisition as a strategic … Read more
October 31, 2023 at 11:51AM Cybersecurity firm Palo Alto Networks warns that a threat actor, known as EleKtra-Leak, has been harvesting identity and access management (IAM) credentials from public GitHub repositories within five minutes of exposure. The threat actor has been using the credentials for cryptojacking campaigns that have been ongoing for at least two … Read more