Today, the Splunk Threat Research Team is thrilled to introduce ShellSweepPlus, an advancement in our ongoing mission to combat the persistent threat of web shells. Building upon the solid foundation of its predecessor ShellSweep, ShellSweepPlus is an enhanced version that takes web shell detection to new heights, incorporating cutting-edge techniques and a multifaceted approach to safeguard your web environments.

In the ever-evolving landscape of cybersecurity threats, ransomware remains a formidable adversary. Among the recent additions to this domain is Prince Ransomware, a sophisticated piece of malware written from scratch in Go. This blog will provide an in-depth look at Prince Ransomware, its unique encryption mechanisms, the process of building and deploying it, and the ethical considerations surrounding its release as an open-source project. What is Prince Ransomware?

The digital landscape is wild--and getting wilder. Research from Rubrik Zero Labs shows that cyber attacks are on the rise, with 94% of organizations reporting a significant attack in the last year. And the attacks are effectively disrupting business, with 62% of those reporting an attack revealing that their systems were compromised. So security teams need to use all of the tools in their toolkits to protect the enterprise.

IDC’s Business Value Solution Brief validates the impressive value delivered by the Forward Networks platform. According to the paper, the average user reaps $14.2M in value annually. This is achieved through improved efficiency, improved productivity, reduced downtime, and additional operational benefits (automated compliance validation, ability to achieve more without hiring, overall improvement to business operations, and additional revenue).

Modern software is built on the backs of APIs (Application Programming Interface). It unites separate bits of the web, allowing systems to communicate with each other. With APIs being used on such a wide scale, managing them becomes a mammoth task.

On July 8th, the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), the United States Cybersecurity and Infrastructure Security Agency (CISA), the United States National Security Agency (NSA), the United States Federal Bureau of Investigation (FBI) along with several international partners issued an urgent advisory outlining a People’s Republic of China (PRC) state-sponsored cyber group targeting Australian and U.S. enterprises.

FakeBat loader spreads via multiple infection chains, and ESET releases its threat report from the first half of 2024.