Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

There are rare occasions when you open the news and don't find anything about cybersecurity in the headlines. According to the Australian Cyber Security Centre (ACSC), Australia has dealt with a cyberattack every 8 minutes in the financial year 2020-21, with over 67,500 cases of cybercrime registered in the same year. Studies indicate that ransomware is one of the most frequent and damaging types of malware leveraged by cybercriminals.

Info Stealers are one of the most popular malware types being used in the wild today.

In a new threat briefing report, Vedere Labs analyzes the behavior of the Night Sky malware on two samples, presents a list of IoCs extracted from the analysis and discusses mitigation. The Night Sky ransomware was first reported on January 1, 2022. Victims were asked to contact the attackers to pay for the ransom. If the victims refused to pay, attackers threatened to expose their data on a leak site.

This blog was written by an independent guest blogger. In mid-March, Microsoft released a free, open-source tool that can be used to secure MikroTik routers. The tool, RouterOS Scanner, has its source code available on GitHub. It is designed to analyze routers for Indicators of Compromise (IoCs) associated with Trickbot. This article will introduce some background on the MikroTik vulnerability, the Trickbot malware, and some ways you can protect yourself.

The Splunk Threat Research Team is monitoring several malicious payloads targeting Customer Premise Equipment (CPE) devices. These are defined as devices that are at customer (Commercial, Residential) premises and that provide connectivity and services to the internet backbone. Examples include.

One thing that we’ve learned from the Russia-Ukraine conflict is that the cybersecurity and the cyber-warfare world is going to change, if it hasn’t already. While Anonymous, the TI Army of Ukraine, and more hacktivist groups are actively participating in the conflict, a relatively new group brings something new to the table.

Agencies of the US Government have issued a joint warning that hackers have revealed their capability to gain full system access to industrial control systems that might help enemy states sabotage critical infrastructure.

Ransomware is not a new attack vector. In fact, the first malware of its kind appeared more than 30 years ago and was distributed via 5.25-inch floppy disks. To pay the ransom, the victim had to mail money to a P.O. Box in Panama.

Over the past week, the WhiteSource security team has found several instances of packages that use unusual techniques to disguise malicious intent. These techniques differ from what we have usually seen in the past, such as base64 and JS obfuscation. This time, we are seeing a malicious actor use hex encoding to hide the malicious behavior of the package.

Malware is a surefire knife that hackers and malicious cyber criminals use to attack organizations and corporations. Unfortunately, malware analysis in the current cybersecurity space is lengthy. It might take more than ten years to understand the size and complexity of recurring malware. Besides, detecting and eliminating malware artifacts in the current evolving period isn't enough. Security analysts also need to understand how the malware operates, the motivation, and the goals of the breach.