Latest news with #Symantec

Mint
6 days ago
- Business
- Mint
Mint Primer: AI's twin impact: Better security, worse dangers
AI and generative AI are proving to be double-edged swords, boosting cyber defences while also enabling threats like deepfakes, voice cloning and even attacks by autonomous AI agents. With over two-thirds of Indian firms hit by such threats last year, how do we keep up?

What sets AI-powered cyberthreats apart?
AI-powered cyberthreats supercharge traditional attacks, making phishing, malware, and impersonation faster, stealthier, and more convincing. GenAI tools create deepfakes and polymorphic malware that mutates constantly, and generate personalized phishing emails. AI bots test stolen credentials, bypass CAPTCHAs that detect bots using puzzles, and scan networks for vulnerabilities. Tools like ChatGPT are used to send 100,000 spam emails for just $1,250. Symantec researchers have shown how AI agents like OpenAI's Operator can run a phishing attack via email with little human intervention.

How big is this threat for India?
Nearly 72% of Indian firms faced AI-driven cyberattacks in the past year, reveals an IDC–Fortinet report. Key threats include insider risks, zero-day exploits (attacks before developers can fix software bugs, offering zero defence on day one), phishing, ransomware, and supply chain attacks. These threats are rising fast—70% saw cases double, 12% saw a threefold surge. These attacks are harder to detect. The fallout is costly: 56% suffered financial losses, 20% lost over $500,000, the report noted. Data theft (60%), trust erosion (50%), regulatory fines (46%), and operational disruptions (42%) are the other top business impacts.

The threats are evolving. Are we?
Only 14% of firms feel equipped to handle AI-driven threats, while 21% can't track them at all, notes IDC. Skills and tool gaps persist, mainly in detecting adaptive threats and using GenAI in red teaming (when ethical hackers mimic real attackers to test a firm's cyber defences). Other gaps include lean security teams, and few chief information security officers.

What about laws on AI-led cybercrime?
Most countries are addressing AI-related cybercrime using existing laws and evolving AI frameworks. In India, efforts rely on the IT Act, the Indian Computer Emergency Response Team, cyber forensics labs, global ties, and the Indian Cybercrime Coordination Centre under the Union home ministry, which oversees a cybercrime portal logging 6,000 daily cases. The draft Digital India Act may tackle AI misuse. While several states are forming AI task forces, a national AI cybersecurity framework may also be needed.

How to build cyber defence for AI threats?
Evolving AI threats call for AI-savvy governance, regular training, and simulations. Firms must adopt an 'AI vs AI' defence, train staff on phishing and deepfakes, enforce Zero Trust (every access request must be verified) and multi-factor authentication, and conduct GenAI red-team drills. Airtel, for instance, now uses AI to block spam and scam links in real time; Darktrace uses self-learning AI to detect threats without prior data. Cyber insurance must also cover reputational and regulatory risks.


Forbes
13-06-2025
- Forbes
Google Chrome Warning Issued For Most Windows PC Users
Beware this hidden Chrome threat.

This is another interesting month for Google's 3 billion Chrome users, with a U.S. government mandate to update all browsers by June 26 and another update warning this week as further vulnerabilities are discovered. But there's a very different Chrome threat to your PC, and it's much more difficult to find and fix.

Already this month we have been warned by LayerX that 'a network of malicious sleeper agent extensions' are 'waiting for their 'marching order' to execute malicious code on unsuspecting users' computers.' A huge number of Chrome users have at least one extension installed, which is one of the browser's biggest security risks.

Now Symantec warns that some of the most popular extensions it has analyzed, 'expose information such as browsing domains, machine IDs, OS details, usage analytics, and more.' The research team says 'many users assume that popular Chrome extensions adhere to strong security practices,' but that's just not the case.

Symantec found that even some big-brand extensions 'unintentionally transmit sensitive data over simple HTTP. By doing so, they expose browsing domains, machine IDs, operating system details, usage analytics, and even uninstall information.' More alarmingly, 'because the traffic is unencrypted, a Man-in-the-Middle (MITM) attacker on the same network can intercept and, in some cases, even modify this data, leading to far more dangerous scenarios than simple eavesdropping.'

Bugcrowd's Trey Ford told me 'this is a very common way to compromise browsers for various outcomes, ranging from stealing credentials and spying on users, to simply establishing ways to very uniquely identify and track users across the internet. Ultimately this can manifest as a form of malware, and unavoidably create new attack surface for miscreants to attack and compromise a very secure browsing experience.'

There's no easy answer to this one. Symantec says that while 'none of [the extensions] appear to leak direct passwords,' the data can still fuel attacks. 'The risk is not just theoretical; unencrypted traffic is simple to capture, and the data can be used for profiling, phishing, or other targeted attacks.'

Symantec notified the developers behind the tested extensions (details in its report). 'The overarching lesson,' the team says, 'is that a large install base or a well-known brand does not necessarily ensure best practices around encryption. Extensions should be scrutinized for the protocols they use and the data they share.'

According to Keeper Security's Patrick Tiquet, 'this highlights a critical gap in extension security,' if and when 'developers cut corners.' He warns that 'transmitting data over unencrypted HTTP and hard-coding secrets exposes users to profiling, phishing and adversary-in-the-middle attacks – especially on unsecured networks.'

The risk is especially acute for enterprises. 'Organizations should take immediate action by enforcing strict controls around browser extension usage, managing secrets securely and monitoring for suspicious behavior across endpoints. Just because a browser extension is very popular and has a large user base doesn't mean it's secure. Businesses must scrutinize all browser extensions to protect sensitive data and identities.'
Yahoo
20-05-2025
- Business
- Yahoo
SentinelOne Rises 25% in a Month: Should You Still Buy the Stock?
SentinelOne's S shares have surged 25% in a month, outperforming the Zacks Security industry's return of 19.4% and the broader Zacks Computer and Technology sector's appreciation of 22.8%. The recent outperformance can be attributed to the company's strong AI-powered portfolio, rich partner base and expanding clientele despite stiff the cybersecurity space, SentinelOne is facing stiff competition from the likes of Okta OKTA, Broadcom AVGO and Microsoft MSFT. While Okta's main focus is on identity management, Broadcom's Symantec is a traditional legacy antivirus suite. Microsoft's Defender suite is broadly integrated with its own operating system, lacking openness with third-party SentinelOne's Singularity platform is a complete AI-native and provides security at multiple levels, including endpoint, cloud, identity and data through a single interface. The Purple AI provides investigation, real-time threat detection and automated response through its generative AI-powered security analysis, substantially reducing the response time of enterprises. SentinelOne's modular and multi-cloud compatible architecture gives it a first mover advantage compared to its peers as it offers a more modern and AI-driven solution to enterprises, leading the way into the SentinelOne stock has underperformed its competitors over the past month. Okta, Broadcom and Microsoft shares have appreciated 37.7%, 37.5% and 26.5%, respectively, over the same time. SentinelOne is expanding its reach in the market with an impressive partner base, which includes some of the top names in the industry, like Alphabet, Lenovo and Amazon Web Services (AWS), among others. S has integrated its services with platform solution providers like Palo Alto Networks, Fortinet, Okta and Microsoft to provide seamless security workflows to its end users.
The Purple AI platform helps secure Gen AI applications on the Amazon Bedrock, whereas the Singularity Cloud workload helps secure AWS containerized fourth-quarter 2025, 12+ new large Managed Security Service Providers adopted SentinelOne's AI SIEM, CNAPP and Purple AI modules, enhancing recurring revenues. By the end of the previous quarter, the company had more than 14000 direct customers and saw a 25% increase in customers with ARR exceeding $100,000. The total number of such customers stood at 1411 by the end of January April 2025, SentinelOne partnered with Nord Security to provide SMBs with an integrated endpoint and network security solution, increasing the revenue potential for both May 2025, SentinelOne received FedRAMP High Authorization for its Purple AI, Singularity Cloud Security CNAPP and Singularity Hyperautomation solutions. This authorisation provides the company with the opportunity to sell its services to federal agencies, public sector and critical infrastructure organisations, driving top-line growth. SentinelOne has provided positive guidance for the first quarter of fiscal 2026 and fiscal the first quarter of fiscal 2026, the company expects revenues to be around $228 million, indicating 22% growth year over year. For fiscal 2026, it expects revenues to be between $1.007 billion and $1.012 billion, implying 23% growth year over Zacks Consensus Estimate for first-quarter fiscal 2026 revenues is pegged at $228.03 million, indicating 22.36% year-over-year growth and the same for the entire fiscal 2026 is pegged at $1.01 billion. SentinelOne currently carries a Zacks Rank #2 (Buy).
This article originally published on Zacks Investment Research


Forbes
08-05-2025
- Forbes
Play Ransomware Zero-Day Attacks — US, Saudi Arabia Have Been Targeted
Play ransomware exploited Windows zero-day.

The ransomware threat is far from over, despite the internal private communications of some of the cybercriminal gangs being leaked, snitches being offered big bucks for information on gang members, and the childishness of DOGE-trolling attackers demanding $1 trillion payments. If you want evidence of this, look no further than a recent report confirming a 5,365 ransomware rampage. Now it has been revealed that the Play ransomware malware has been used by cybercrime groups exploiting a Windows zero-day vulnerability in attacks across multiple countries, including the U.S., although not all were successful. Here's what you need to know.

A joint investigation by the Microsoft Threat Intelligence Center and Microsoft Security Response Center found that a zero-day vulnerability in the Windows Common Log File System had been exploited by Play ransomware attackers, before the elevation of privilege issue was fixed by the April Patch Tuesday security update. Targets included real estate and information technology organizations in the U.S., the retail sector in Saudi Arabia, and software in Spain. Now, the Symantec Threat Hunter Team has published an in-depth technological exploration of another, unsuccessful this time, Play ransomware attack exploiting the same CVE-2025-29824 zero-day against an as yet unnamed U.S. company.

The Microsoft threat report confirmed that the original attacks had been facilitated by the use of the PipeMagic malware backdoor and attributed them to a threat actor identified as Storm-2460, although no further information has been provided regarding this group. The Symantec Threat Hunter report, meanwhile, has attributed the latest attacks to a cybercrime group identified as Balloonfly, which is linked to multiple incidents involving Play ransomware deployed against businesses in North America, South America and Europe. 'While the use of zero-day vulnerabilities by ransomware actors is rare,' Symantec said, 'it is not unprecedented.'

The good news is that the Balloonfly attack, Symantec said, occurred before the Windows patch was released. So, at the risk of stating the obvious, patch management is the best mitigation against falling victim to the Play ransomware menace. At least, that is, as far as this exploit route is concerned. CVE-2025-29824 is a use-after-free memory vulnerability in the Windows Common Log File System driver that can allow an unauthorized attacker to elevate their system privileges locally.
Yahoo
05-05-2025
- Business
- Yahoo
Why Broadcom Stock Jumped 15% in April
Broadcom announced a $10 billion share buyback program. Its diversification seems to give it an edge over other chip stocks. Its artificial intelligence business is picking up steam. Shares of Broadcom (NASDAQ: AVGO) were bucking the broader trend in the market last month as a well-timed buyback announcement, generally positive analyst research, and a new product announcement lifted the stock. According to data from S&P Global Market Intelligence, the stock finished the month up 15%. As you can see from the chart below, Broadcom got a lift from the share buyback announcement at the beginning of the month and then tracked similarly to the S&P 500 for the duration of April but with greater upside. Like the rest of the stock market, Broadcom shares dove in response to the Trump tariffs announcement. However, the stock rebounded quickly after the company delighted investors by announcing a $10 billion share repurchase program on April 7. While that represents only about 1% of the company's market cap, it represented a sign of confidence from management in the face of the uncertainty around the trade war and showed that it was eager to take advantage of any discount in the stock price. Broadcom stock jumped 5.4% on April 7 as a result, even as the broad market fell again. On April 9, it surged 19% on news that President Trump was announcing a 90-day pause on most of the "reciprocal tariffs" he had declared the week before. As a cyclical stock sensitive to the global economy, Broadcom was able to outperform the market on that news. Later in the month, the company announced an advancement in its Symantec cybersecurity business with Incident Protection, an artificial intelligence (AI) tool that predicts cyberattacker behavior.
Finally, Broadcom benefited from an upswing at the end of the month as fears about the trade war tamped down on news reports that the U.S. and China were open to trade talks. On April 30, Seaport Research initiated coverage of the stock with a buy, noting that Broadcom was well positioned to benefit from the hyperscalers' intentions to design their own chips, as it's considered a leader in custom ASIC chips, which the big cloud companies are turning to as a potential replacement for some Nvidia GPUs. Broadcom won't report its next earnings results until June, but the company seems well positioned to benefit from the tailwind in AI and ride out any broader market turmoil, thanks in part to its diversification across networking chips, infrastructure products, virtualization software, and cybersecurity. The chip giant looks like a good bet to continue to outperform the market, especially as its AI business appears to be gaining momentum. Jeremy Bowman has positions in Broadcom and Nvidia. The Motley Fool has positions in and recommends Nvidia. The Motley Fool recommends Broadcom. The Motley Fool has a disclosure policy.
Why Broadcom Stock Jumped 15% in April was originally published by The Motley Fool