Latest news with #Symantec

SentinelOne Rises 25% in a Month: Should You Still Buy the Stock?

Yahoo

20-05-2025

  • Business
  • Yahoo

SentinelOne's S shares have surged 25% in a month, outperforming the Zacks Security industry's return of 19.4% and the broader Zacks Computer and Technology sector's appreciation of 22.8%. The recent outperformance can be attributed to the company's strong AI-powered portfolio, rich partner base and expanding clientele despite stiff

the cybersecurity space, SentinelOne is facing stiff competition from the likes of Okta OKTA, Broadcom AVGO and Microsoft MSFT. While Okta's main focus is on identity management, Broadcom's Symantec is a traditional legacy antivirus suite. Microsoft's Defender suite is broadly integrated with its own operating system, lacking openness with third-party

SentinelOne's Singularity platform is a complete AI-native and provides security at multiple levels, including endpoint, cloud, identity and data through a single interface. The Purple AI provides investigation, real-time threat detection and automated response through its generative AI-powered security analysis, substantially reducing the response time of enterprises. SentinelOne's modular and multi-cloud compatible architecture gives it a first mover advantage compared to its peers as it offers a more modern and AI-driven solution to enterprises, leading the way into the

SentinelOne stock has underperformed its competitors over the past month. Okta, Broadcom and Microsoft shares have appreciated 37.7%, 37.5% and 26.5%, respectively, over the same time.

SentinelOne is expanding its reach in the market with an impressive partner base, which includes some of the top names in the industry, like Alphabet, Lenovo and Amazon Web Services (AWS), among others. S has integrated its services with platform solution providers like Palo Alto Networks, Fortinet, Okta and Microsoft to provide seamless security workflows to its end users. The Purple AI platform helps secure Gen AI applications on the Amazon Bedrock, whereas the Singularity Cloud workload helps secure AWS containerized

fourth-quarter 2025, 12+ new large Managed Security Service Providers adopted SentinelOne's AI SIEM, CNAPP and Purple AI modules, enhancing recurring revenues. By the end of the previous quarter, the company had more than 14000 direct customers and saw a 25% increase in customers with ARR exceeding $100,000. The total number of such customers stood at 1411 by the end of January

April 2025, SentinelOne partnered with Nord Security to provide SMBs with an integrated endpoint and network security solution, increasing the revenue potential for both

May 2025, SentinelOne received FedRAMP High Authorization for its Purple AI, Singularity Cloud Security CNAPP and Singularity Hyperautomation solutions. This authorisation provides the company with the opportunity to sell its services to federal agencies, public sector and critical infrastructure organisations, driving top-line growth.

SentinelOne has provided positive guidance for the first quarter of fiscal 2026 and fiscal

the first quarter of fiscal 2026, the company expects revenues to be around $228 million, indicating 22% growth year over year. For fiscal 2026, it expects revenues to be between $1.007 billion and $1.012 billion, implying 23% growth year over

Zacks Consensus Estimate for first-quarter fiscal 2026 revenues is pegged at $228.03 million, indicating 22.36% year-over-year growth and the same for the entire fiscal 2026 is pegged at $1.01 billion.

SentinelOne currently carries a Zacks Rank #2 (Buy).

This article originally published on Zacks Investment Research.

Play Ransomware Zero-Day Attacks — US, Saudi Arabia Have Been Targeted

Forbes

08-05-2025

  • Forbes

Play ransomware exploited Windows zero-day.

The ransomware threat is far from over, despite the internal private communications of some of the cybercriminal gangs being leaked, snitches being offered big bucks for information on gang members, and the childishness of DOGE-trolling attackers demanding $1 trillion payments. If you want evidence of this, look no further than a recent report confirming a 5,365 ransomware rampage. Now it has been revealed that the Play ransomware malware has been used by cybercrime groups exploiting a Windows zero-day vulnerability in attacks across multiple countries, including the U.S., although not all were successful. Here's what you need to know.

A joint investigation by the Microsoft Threat Intelligence Center and Microsoft Security Response Center found that a zero-day vulnerability in the Windows Common Log File System had been exploited by Play ransomware attackers, before the elevation of privilege issue was fixed by the April Patch Tuesday security update. Targets included real estate and information technology organizations in the U.S., the retail sector in Saudi Arabia, and software in Spain.

Now, the Symantec Threat Hunter Team has published an in-depth technological exploration of another, unsuccessful this time, Play ransomware attack exploiting the same CVE-2025-29824 zero-day against an as yet unnamed U.S. company.

The Microsoft threat report confirmed that the original attacks had been facilitated by the use of the PipeMagic malware backdoor and attributed them to a threat actor identified as Storm-2460, although no further information has been provided regarding this group. The Symantec Threat Hunter report, meanwhile, has attributed the latest attacks to a cybercrime group identified as Balloonfly, which is linked to multiple incidents involving Play ransomware deployed against businesses in North America, South America and Europe.

'While the use of zero-day vulnerabilities by ransomware actors is rare,' Symantec said, 'it is not unprecedented.' The good news is that the Balloonfly attack, Symantec said, occurred before the Windows patch was released. So, at the risk of stating the obvious, patch management is the best mitigation against falling victim to the Play ransomware menace. At least, that is, as far as this exploit route is concerned.

CVE-2025-29824 is a use-after-free memory vulnerability in the Windows Common Log File System driver that can allow an unauthorized attacker to elevate their system privileges locally.

Why Broadcom Stock Jumped 15% in April

Yahoo

05-05-2025

  • Business
  • Yahoo

Broadcom announced a $10 billion share buyback program. Its diversification seems to give it an edge over other chip stocks. Its artificial intelligence business is picking up steam.

Shares of Broadcom (NASDAQ: AVGO) were bucking the broader trend in the market last month as a well-timed buyback announcement, generally positive analyst research, and a new product announcement lifted the stock. According to data from S&P Global Market Intelligence, the stock finished the month up 15%.

As you can see from the chart below, Broadcom got a lift from the share buyback announcement at the beginning of the month and then tracked similarly to the S&P 500 for the duration of April but with greater upside.

Like the rest of the stock market, Broadcom shares dove in response to the Trump tariffs announcement. However, the stock rebounded quickly after the company delighted investors by announcing a $10 billion share repurchase program on April 7. While that represents only about 1% of the company's market cap, it represented a sign of confidence from management in the face of the uncertainty around the trade war and showed that it was eager to take advantage of any discount in the stock price. Broadcom stock jumped 5.4% on April 7 as a result, even as the broad market fell again.

On April 9, it surged 19% on news that President Trump was announcing a 90-day pause on most of the "reciprocal tariffs" he had declared the week before. As a cyclical stock sensitive to the global economy, Broadcom was able to outperform the market on that news.

Later in the month, the company announced an advancement in its Symantec cybersecurity business with Incident Protection, an artificial intelligence (AI) tool that predicts cyberattacker behavior.

Finally, Broadcom benefited from an upswing at the end of the month as fears about the trade war tamped down on news reports that the U.S. and China were open to trade talks. On April 30, Seaport Research initiated coverage of the stock with a buy, noting that Broadcom was well positioned to benefit from the hyperscalers' intentions to design their own chips, as it's considered a leader in custom ASIC chips, which the big cloud companies are turning to as a potential replacement for some Nvidia GPUs.

Broadcom won't report its next earnings results until June, but the company seems well positioned to benefit from the tailwind in AI and ride out any broader market turmoil, thanks in part to its diversification across networking chips, infrastructure products, virtualization software, and cybersecurity. The chip giant looks like a good bet to continue to outperform the market, especially as its AI business appears to be gaining momentum.

Jeremy Bowman has positions in Broadcom and Nvidia. The Motley Fool has positions in and recommends Nvidia. The Motley Fool recommends Broadcom. The Motley Fool has a disclosure policy.

Why Broadcom Stock Jumped 15% in April was originally published by The Motley Fool

Do you use Gmail or Outlook? FBI, CISA issue warning about Medusa ransomware

Yahoo

19-03-2025

  • Yahoo

Federal authorities are warning users of Gmail, Outlook, and other popular email services about dangerous ransomware linked to a group of developers who have breached hundreds of victims' data, including people in the medical, education, legal, insurance, tech, and manufacturing fields.

The ransomware variant is called "Medusa" and was first identified in June 2021, the Cybersecurity and Infrastructure Security Agency (CISA) and FBI announced on March 12.

"This joint Cybersecurity Advisory is part of an ongoing #StopRansomware effort to publish advisories for network defenders detailing various ransomware variants and ransomware threat actors," the agencies said. "These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect against ransomware."

As of February 2025, the cyber attacks have impacted more than 300 victims, according to the agencies.

The Medusa developers normally recruit access brokers and pay them between $100 and $1 million to work for them, and these affiliates will use common techniques to breach the data of potential victims, such as phishing campaigns and exploiting unpatched software vulnerabilities, the FBI and CISA said.

Here is what to know about the ransomware, including who is allegedly behind the attacks and how people can protect their data.

A March 6 blog post by Symantec, a brand of enterprise security software, says a group called Spearwing is operating the ransomware.

"Like the majority of ransomware operators, Spearwing and its affiliates carry out double extortion attacks, stealing victims' data before encrypting networks in order to increase the pressure on victims to pay a ransom," Symantec's blog post says. "If victims refuse to pay, the group threatens to publish the stolen data on their data leaks site."

According to Symantec, Spearwing has victimized hundreds of people since the group first became active in early 2023. The group has around 400 victims on its data leaks site, and the true number is likely much higher, the blog post says.

The ransoms demanded by Spearwing using the Medusa ransomware have ranged from $100,000 up to $15 million, according to Symantec. In addition to gaining access to victims' networks, the group is also hijacking legitimate accounts, including those of healthcare organizations, the blog post says.

"In several of the Medusa attacks observed by Symantec it wasn't possible to definitively determine how the attackers had gained initial access to victims' networks, meaning an infection vector other than exploits could have been used," according to the blog post.

To mitigate Medusa ransomware, the FBI and CISA are recommending that people:

  • Develop a recovery plan to maintain and retain multiple copies of sensitive or proprietary data and servers in a physically separate, segmented, and secure location. For example, hard drives, storage devices and the cloud.
  • Require all accounts to have password logins. Employees of companies should use long passwords, which should be frequently changed.
  • Require multifactor authentication for all services, particularly for webmail, virtual private networks, and accounts that access critical systems.
  • Make sure all operating systems, software, and firmware are up to date.
  • Segment networks to prevent the spread of ransomware.
  • Identify, detect, and investigate odd activity and potential passage of the indicated ransomware with a networking monitoring tool.
  • Require VPNs or Jump Hosts for remote access.
  • Monitor for unauthorized scanning and access attempts.
  • Filter network traffic by stopping unknown or untrusted origins from accessing remote services on internal systems.
  • Disable unused ports.
  • Keep offline backups of data and regularly maintain backup and restoration.
  • Make sure all backup data is encrypted and inflexible.

Jonathan Limehouse covers breaking and trending news for USA TODAY. Reach him at JLimehouse@

This article originally appeared on USA TODAY: FBI, CISA warns Gmail, Outlook users about Medusa ransomware

Do you use Gmail or Outlook? FBI, CISA issue warning about Medusa ransomware

USA Today

17-03-2025

  • USA Today

A blog post by security software brand, Symantec, identifies the group of cyber attackers as Spearwing, a group that initially became active in early 2023.

Federal authorities are warning users of Gmail, Outlook, and other popular email services about dangerous ransomware linked to a group of developers who have breached hundreds of victims' data, including people in the medical, education, legal, insurance, tech, and manufacturing fields.

The ransomware variant is called "Medusa" and was first identified in June 2021, the Cybersecurity and Infrastructure Security Agency (CISA) and FBI announced on March 12.

"This joint Cybersecurity Advisory is part of an ongoing #StopRansomware effort to publish advisories for network defenders detailing various ransomware variants and ransomware threat actors," the agencies said. "These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect against ransomware."

As of February 2025, the cyber attacks have impacted more than 300 victims, according to the agencies.

The Medusa developers normally recruit access brokers and pay them between $100 and $1 million to work for them, and these affiliates will use common techniques to breach the data of potential victims, such as phishing campaigns and exploiting unpatched software vulnerabilities, the FBI and CISA said.

Here is what to know about the ransomware, including who is allegedly behind the attacks and how people can protect their data.

Symantec: Group operating ransomware identified as Spearwing

A March 6 blog post by Symantec, a brand of enterprise security software, says a group called Spearwing is operating the ransomware.

"Like the majority of ransomware operators, Spearwing and its affiliates carry out double extortion attacks, stealing victims' data before encrypting networks in order to increase the pressure on victims to pay a ransom," Symantec's blog post says. "If victims refuse to pay, the group threatens to publish the stolen data on their data leaks site."

According to Symantec, Spearwing has victimized hundreds of people since the group first became active in early 2023. The group has around 400 victims on its data leaks site, and the true number is likely much higher, the blog post says.

The ransoms demanded by Spearwing using the Medusa ransomware have ranged from $100,000 up to $15 million, according to Symantec. In addition to gaining access to victims' networks, the group is also hijacking legitimate accounts, including those of healthcare organizations, the blog post says.

"In several of the Medusa attacks observed by Symantec it wasn't possible to definitively determine how the attackers had gained initial access to victims' networks, meaning an infection vector other than exploits could have been used," according to the blog post.

How can people protect themselves from Medusa ransomware?

To mitigate Medusa ransomware, the FBI and CISA are recommending that people:

  • Develop a recovery plan to maintain and retain multiple copies of sensitive or proprietary data and servers in a physically separate, segmented, and secure location. For example, hard drives, storage devices and the cloud.
  • Require all accounts to have password logins. Employees of companies should use long passwords, which should be frequently changed.
  • Require multifactor authentication for all services, particularly for webmail, virtual private networks, and accounts that access critical systems.
  • Make sure all operating systems, software, and firmware are up to date.
  • Segment networks to prevent the spread of ransomware.
  • Identify, detect, and investigate odd activity and potential passage of the indicated ransomware with a networking monitoring tool.
  • Require VPNs or Jump Hosts for remote access.
  • Monitor for unauthorized scanning and access attempts.
  • Filter network traffic by stopping unknown or untrusted origins from accessing remote services on internal systems.
  • Disable unused ports.
  • Keep offline backups of data and regularly maintain backup and restoration.
  • Make sure all backup data is encrypted and inflexible.

Jonathan Limehouse covers breaking and trending news for USA TODAY. Reach him at JLimehouse@
