Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

kroll

Deep Dive into GOOTLOADER Malware and Its Infection Chain

Jun 23, 2023 By Keith Wojcieszek In Kroll

Kroll has analyzed incidents throughout Q1 2023 where drive-by compromise was the initial infection vector for GOOTLOADER malware. It is likely that the threat actors are utilizing SEO to drive individuals to either their own malicious website or to infected WordPress sites. These sites are then used to host documents that would be attractive to employees within the legal and professional services sectors.

Read Post
WatchGuard

ChatGPT can create polymorphic malware, now what?

Jun 23, 2023 By Corey Nachreiner In WatchGuard

Despite the security controls that OpenAI has imposed on ChatGPT to try to make it a secure space capable of assisting users in a variety of tasks, cybercriminals have managed to exploit this technology for malicious purposes. Recent research has shown that this generative artificial intelligence is capable of creating a new branch of polymorphic malware with relative ease. The main risk lies in ChatGPT's versatility, which allows it to create code that could easily be used for malware.

Read Post
Featured Post
cato networks

Exploiting ancient vulnerabilities: How did the 3CX supply chain attack occur and what can we learn from it?

Jun 22, 2023 By Etay Maor, Senior Director of Security Strategy In Cato Networks
On March 29th, North-Korean linked threat-actors targeted 3CX, a VoIP IPX developer, exploiting a 10-year-old vulnerability (CVE-2013-3900) that made executables appear to be legitimately signed by Microsoft when, in fact, they were being used to distribute malware. The 3CX attack is just the latest in a series of high-profile supply chain attacks over the past year. The SolarWinds attack compromised the Orion system, affecting thousands of organizations, and the Kaseya VSA attack that was used to deliver REvil ransomware also to thousands of organizations and is considered one of the largest security breaches of the 21st century.
Read Post
cyberint

Venom Control-RAT With a Sting

Jun 22, 2023 By Shmuel Gihon In Cyberint
As the cybercrime industry continues to provide us with new Malware as a Service (MaaS) products, we have become used to seeing the operators advertising and developing the panels underground. Over the past year, an allegedly legitimate software company named Venom Control Software emerged, offering a Remote-Access-Tool (RAT) for “hackers and pen-testers”.
Read Post
CrowdStrike

CrowdStrike Falcon Pro for Mac Achieves 100% Mac Malware Protection, Awarded 2023 AV-Comparatives Approved Mac Security Product

Jun 22, 2023 By Sagar Gulhane - Brad Moon - Liviu Arsene In CrowdStrike

Mac computers are becoming increasingly popular in business and enterprise applications. This growing adoption has had one negative side effect: Adversaries are increasingly targeting Macs, hoping that companies buy into the concept of macOS being immune to cyberattack. While macOS does provide advanced security features, these can be defeated by a determined attacker.

Read Post
CrowdStrike

Business as Usual: Falcon Complete MDR Thwarts Novel VANGUARD PANDA (Volt Typhoon) Tradecraft

Jun 22, 2023 By Falcon Complete Team In CrowdStrike

On May 24, 2023, industry and government sources detailed China-nexus activity in which the threat actor dubbed Volt Typhoon targeted U.S.-based critical infrastructure entities. CrowdStrike Intelligence tracks this actor as VANGUARD PANDA. Since at least mid-2020, the CrowdStrike Falcon® Complete managed detection and response (MDR) team and the CrowdStrike® Falcon OverWatch™ threat hunting team have observed related historical activity in multiple sectors.

Read Post
lookout

Ransomware Gangs Exploit Three Zero-Day Vulnerabilities in MOVEit

Jun 21, 2023 By Hank Schless In Lookout

In quick succession at the end of May into mid-June, software developer Progress released three advisories that any customers using its popular managed file transfer (MFT) solution MOVEit should immediately update to the latest release. In this time, they were made aware of three critical vulnerabilities, CVE-2023-34362 on May 31, CVE-2023-35036 on June 9, and CVE-2023-35708 on June 15.

Read Post
bitsight

Evidence-Based Strategies to Lower Your Risk of Becoming a Ransomware Victim

Jun 20, 2023 By Rachel Holmes In BitSight
The ransomware trend continues to run rampant. One in four breaches involve ransomware, and organized crime actors use ransomware in more than 62 percent of incidents. Cyber criminals are taking advantage of these new opportunities to exploit a greatly expanded attack surface: But ransomware is only one small piece that a security leaders has to manage. The threat of ransomware is compounded by a distributed workforce, trends toward technology consolidation, geopolitical upheaval, and budget constraints.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.