International

SEC Consult researchers found a vulnerability in CrowdStrike’s Falcon Sensor, enabling attackers to evade detection and run malicious applications. The dubbed “Sleeping Beauty” vulnerability was reported to CrowdStrike in late 2023 but was dismissed as just a “detection gap.” The technique involved suspending the EDR processes instead of stopping them, …

The Infocomm Media Development Authority (IMDA of Singapore unveils advisory guidelines to reduce occurrences of disruptions to cloud services and data centers. These guidelines will help cloud service providers and data centres to improve their security and ensure continuity by assessing risks and planning for incidents. GUIDELINES FOR CLOUD SERVICES …

CYFIRMA analysis reveals a sophisticated malware campaign that exploits a major Indian bank’s brand through fake mobile apps. These apps, distributed via phishing links and social engineering, closely resemble the real bank apps, deceiving users into sharing their credentials and personal information. The malware uses advanced techniques, such as encrypted …

India’s central bank to launch a special “.bank.in” domain for banks in April 2025 to fight digital payment fraud and enhance trust in online banking. The Reserve Bank of India announced that the Institute for Development and Research in Banking Technology (IDRBT) will exclusively manage the new “fin.in” domain for …

The zLabs research team found a mobile malware campaign with nearly 900 malware samples aimed at Indian bank users. Analysis shows shared code, interfaces, and logos, indicating a single group behind the attacks on Android devices. Zimperium’s detection engine successfully identified these as Trojan Bankers targeting Indian financial institutions. This …

At an all-hands meeting at Meta on Thursday, Mark Zuckerberg did not mention the company’s $25 million settlement with Donald Trump, which includes $22 million for the future Trump Presidential Library. But Zuckerberg did say that he had to be increasingly careful about what he says internally at Meta. “Everything …

Sygnia’s recent report highlights the changing strategies of ransomware groups targeting VMware ESXi appliances. These attackers exploit vital virtual infrastructure to disrupt operations and remain hidden in compromised networks. ESXi appliances have become prime targets due to their role in hosting vital virtual machines. “Damaging them renders virtual machines inaccessible, …

MITRE launched D3FENDTM 1.0, a cybersecurity framework that provides a vocabulary and understanding of the cyber domain. D3FEND 1.0, funded by the NSA and the U.S. Department of Defense, offers a flexible and user-friendly framework for cybersecurity operations and strategic decision-making. D3FEND was initially released as a beta in June …

Last year saw a significant rise in cyber threats, with malware becoming more advanced and attack strategies more sophisticated. A report by ANY.RUN, an interactive malware analysis platform, noted that 2024 experienced the highest levels of complex malware threats in the global cybersecurity landscape. Surge in Malware Activity: In 2024, …