Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Evaluating dependence on NVD

As I mentioned at the beginning of this year, I am trying to do a monthly blog post on what might be termed “Major Security Events”. In particular this year, I’ve written about the Ivanti meltdown, Lockbit ransomware, and the xz backdoor. These events usually emerge cacophonously and suddenly into the cybersecurity landscape, and generally get everyone’s attention “real quick”.

Destructive Malware: Threat Detection and Incident Response

Imagine that you have a snack you want to eat while watching a movie on a Friday night. You look in your kitchen, only to find the snack missing. Whether a roommate hid the snack or ate it, you no longer have access to it, disrupting your evening plans. This destructive behavior interrupts your weekend objectives, but it’s pretty low stakes overall.

Featured Post

Why Manufacturers are in the Crosshairs of Threat Actors

In today's modern digitised environment, the manufacturing industry faces multiple interwoven challenges that can have a serious impact on their overall performance and sustainability. These challenges include supply chain disruptions, with events such as natural disasters, geopolitical issues, and pandemics disrupting the global supply chain, affecting the timely delivery of raw materials and components. These disruptions put pressure on manufacturing organisations to better plan for potential supply chain uncertainty, while responding quickly to changes in customer demand, and also trying to keep costs low.

Endpoint malware detection rises by 75%

Cybersecurity continues to be unfinished business for many companies. In a context where digitalization reigns in almost all areas, cybercriminals have more and more resources to draw on and continue to threaten the cybersecurity of millions of organizations. To guide companies and industry professionals through the ever-changing habits of malware, WatchGuard has released a new edition of our Internet Security Report (ISR).

LevelBlue Labs Discovers Highly Evasive, New Loader Targeting Chinese Organizations

LevelBlue Labs recently discovered a new highly evasive loader that is being delivered to specific targets through phishing attachments. A loader is a type of malware used to load second-stage payload malware onto a victim’s system. Due to the lack of previous samples observed in the wild, LevelBlue Labs has named this malware “SquidLoader,” given its clear efforts at decoy and evasion.

Rubrik Announces Integration With Microsoft Information Protection (MIP) Sensitivity Labels

We are excited to announce that Rubrik DSPM now supports Microsoft Information Protection (MIP) sensitivity labels. This integration helps our joint customers to better track and secure files with sensitive data – both within and outside of Microsoft environments. MIP labels are used by organizations to map sensitive data within their Microsoft environment, control access to that data, and enable protection settings such as encryption.

Beyond Detection: The Rise of Legitimate Software Abuse in Malware Attacks

Cybersecurity researchers have identified an increasing trend where threat actors are abusing legitimate and commercially available packer software, such as BoxedApp, to evade detection and distribute malware, including remote access trojans and information stealers.

Targeted Industries and Geographical Spread

According to Check Point security researcher Jiri Vinopal, the majority of malicious samples have targeted financial institutions and government sectors.

What is Glupteba and how can you protect your customers from this malware?

Over time, cybercriminals find ways to exploit new cybersecurity breaches, leading to the creation of malware that compromises users' security. Every year, one or more malware variants stand out as new, evasive, or dangerous. According to our Internet Security Report (ISR), last year it was Glupteba.

Phishing Campaign Abuses Windows Search to Distribute Malware

Researchers at Trustwave warn that a phishing campaign is distributing malware via HTML attachments disguised as invoices. Notably, the HTML files abuse the Windows Search protocol to launch Windows Explorer and trick users into installing the malware. “Trustwave SpiderLabs has detected a sophisticated malware campaign that leverages the Windows search functionality embedded in HTML code to deploy malware,” the researchers state.