Latest News

Search & Spoof: Abuse of Windows Search to Redirect to Malware

Jun 11, 2024 By Trustwave In Trustwave

Trustwave SpiderLabs has detected a sophisticated malware campaign that leverages the Windows search functionality embedded in HTML code to deploy malware. We found the threat actors utilizing a sophisticated understanding of system vulnerabilities and user behaviors. Let’s break down the HTML and the Windows search code to better understand their roles in the attack chain.

Read Post

Trustwave

Read more about Search & Spoof: Abuse of Windows Search to Redirect to Malware

Rubrik Expands Data Access Governance (DAG) Solution with New Identity Inventory

Jun 10, 2024 By Filip Verloy In Rubrik

In a recent Fortune article, Amazon’s chief security officer, Steve Schmidt, suggests 6 questions every company's board should ask its CISOs to understand how robust their cybersecurity preparation is. One of the most challenging questions for CISOs was: “Who has access to what data? Why do they need it, and for how long?” This question is critical because cyberattacks often begin with weak, leaked, or stolen passwords.

Read Post

Rubrik

Read more about Rubrik Expands Data Access Governance (DAG) Solution with New Identity Inventory

The Most Common Ways Cyber Criminals Will Target Your Business

Jun 6, 2024 By SecuritySenses In SecuritySenses

Businesses face an ever-growing array of security threats from cybercriminals. Scammers and hackers employ increasingly sophisticated techniques to infiltrate corporate networks, steal sensitive information, and disrupt operations. In 2023, consumers and businesses in the United States reported losing more than $10 billion to fraud and online scams, marking the first time that fraud losses have reached that benchmark. This is a 14% increase over reported losses in 2022.

Read Post

SecuritySenses

Read more about The Most Common Ways Cyber Criminals Will Target Your Business

Hit by LockBit? The FBI is waiting to help you with over 7,000 decryption keys

Jun 6, 2024 By Graham Cluley In Tripwire

Did your company fall victim to the LockBit ransomware? Have cybercriminals left gigabytes of your data encrypted, with no easy route for recovery that doesn't involve paying a ransom? Well, don't fear. The FBI announced this week that it had obtained over 7,000 decryption keys for the LockBit ransomware and is urging victims to come forward for free assistance.

Read Post

Tripwire

Read more about Hit by LockBit? The FBI is waiting to help you with over 7,000 decryption keys

Into the Rat's Nest: A SenseOn Analysis of the NetSupport RAT

Jun 6, 2024 By Isabel Carter In SenseOn

Threat actors prefer deploying tools which appear genuine and expected in a business IT environment. This provides camouflage for their toolset, blending into organisations' application portfolios. NetSupport Manager, a remote access tool, has been utilised by system administrators since its release in 1989 and has been used by threat actors since at least 2016.

Read Post

SenseOn

Read more about Into the Rat's Nest: A SenseOn Analysis of the NetSupport RAT

EMBERSim: A Large-Scale Databank for Boosting Similarity Search in Malware Analysis

Jun 6, 2024 By Drago Corlătescu - Alexandru Dinu - Mihaela Găman - Paul Sumedrea In CrowdStrike

CrowdStrike is constantly researching, working and innovating to stay at the cutting edge of threat detection and response. Recently, these efforts include EMBERSim, a large-scale dataset developed to address limitations in binary code similarity (BCS), improve malware detection and facilitate future work in this area.

Read Post

CrowdStrike

Read more about EMBERSim: A Large-Scale Databank for Boosting Similarity Search in Malware Analysis

Surge in CatDDoS Attacks: Exploiting Vulnerabilities to Spread Mirai Variant

Jun 6, 2024 By Foresiet In Foresiet

The cybersecurity landscape has recently been shaken by a surge in activity involving a Mirai distributed denial-of-service (DDoS) botnet variant known as CatDDoS. Over the past three months, threat actors have aggressively exploited more than 80 vulnerabilities to spread this malware. In this blog, we explore the recent CatDDoS attacks, the targeted sectors, and the implications for cybersecurity practices.

Read Post

Foresiet

Read more about Surge in CatDDoS Attacks: Exploiting Vulnerabilities to Spread Mirai Variant

New WatchGuard Threat Lab Report Uncovers Widespread Detection of 'Pandoraspear' Malware Targeting Enterprise Smart TVs

Jun 5, 2024 By WatchGuard In WatchGuard

Analysis shows spike in endpoint malware detections, widespread targeting of Chromium-based browsers to start the year.

Read Post

WatchGuard

Read more about New WatchGuard Threat Lab Report Uncovers Widespread Detection of 'Pandoraspear' Malware Targeting Enterprise Smart TVs

The History of Ransomware

Jun 5, 2024 By Arctic Wolf In Arctic Wolf

While often considered a newer threat, and rightly so given its fast-rising dominance among the cybercrime landscape, ransomware is not a recent innovation in the ongoing cyber war. It stretches back decades to the early days of the internet, email, and even floppy discs.

Read Post

Arctic Wolf

Read more about The History of Ransomware

Fake Advanced IP Scanner Installer Delivers Dangerous CobaltStrike Backdoor

Jun 5, 2024 By Trustwave In Trustwave

During a recent client investigation, Trustwave SpiderLabs found a malicious version of the Advanced IP Scanner installer, which contained a backdoored DLL module. Our client had been searching for the Advanced IP Scanner tool online and inadvertently downloaded the compromised installer from a typo-squatted domain that appeared in their search results. Figure 1. Search results for Advanced IP Scanner may direct users to a malicious domain.

Read Post

Trustwave

Read more about Fake Advanced IP Scanner Installer Delivers Dangerous CobaltStrike Backdoor

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Search & Spoof: Abuse of Windows Search to Redirect to Malware

Rubrik Expands Data Access Governance (DAG) Solution with New Identity Inventory

The Most Common Ways Cyber Criminals Will Target Your Business

Hit by LockBit? The FBI is waiting to help you with over 7,000 decryption keys

Into the Rat's Nest: A SenseOn Analysis of the NetSupport RAT

EMBERSim: A Large-Scale Databank for Boosting Similarity Search in Malware Analysis

Surge in CatDDoS Attacks: Exploiting Vulnerabilities to Spread Mirai Variant

New WatchGuard Threat Lab Report Uncovers Widespread Detection of 'Pandoraspear' Malware Targeting Enterprise Smart TVs

The History of Ransomware

Fake Advanced IP Scanner Installer Delivers Dangerous CobaltStrike Backdoor

Monthly Archive

Follow Us