Credit to Author: Cyris Tseng| Date: Thu, 11 Apr 2024 00:00:00 +0000
Our blog entry provides an in-depth analysis of Earth Hundun’s Waterbear and Deuterbear malware.
Read moreCredit to Author: Johnny Krogsboll| Date: Thu, 11 Apr 2024 00:00:00 +0000
Delve into the world of red team exercises, their vital role in enhancing organizational security through simulated cyberattacks, including tactics like phishing and lateral movement within networks, and understand the need for regular testing and improvement to counter evolving threats effectively.
Read moreCredit to Author: Lonny Huffar| Date: Thu, 11 Apr 2024 00:00:00 +0000
Discover how Trend is strengthening its endpoint solutions to detect fileless attacks earlier. By leveraging Intel Threat Detection Technology, Trend enhances the scalability and resiliency of its solutions.
Read moreCredit to Author: Christopher Boyton| Date: Wed, 03 Apr 2024 00:00:00 +0000
Our new article provides key highlights and takeaways from Operation Cronos’ disruption of LockBit’s operations, as well as telemetry details on how LockBit actors operated post-disruption.
Read moreCredit to Author: Fernando Cardoso| Date: Wed, 03 Apr 2024 00:00:00 +0000
Explore how a cybersecurity platform with attack surface management and runtime protection capabilities can enhance your cloud security posture.
Read moreCredit to Author: Christopher So| Date: Tue, 02 Apr 2024 00:00:00 +0000
This article provides an in-depth look into two techniques used by Earth Freybug actors: dynamic-link library (DLL) hijacking and application programming interface (API) unhooking to prevent child processes from being monitored via a new malware we’ve discovered and dubbed UNAPIMON.
Read moreCredit to Author: Arianne Dela Cruz| Date: Tue, 26 Mar 2024 00:00:00 +0000
This blog entry discusses the Agenda ransomware group’s use of its latest Rust variant to propagate to VMWare vCenter and ESXi servers.
Read more
Credit to Author: BrianKrebs| Date: Mon, 15 Apr 2024 14:51:17 +0000
The U.S. government is warning that smart locks securing entry to an estimated 50,000 dwellings nationwide contain hard-coded credentials that can be used to remotely open any of the locks. The lock’s maker Chirp Systems remains unresponsive, even though it was first notified about the critical weakness in March 2021. Meanwhile, Chirp’s parent company, RealPage, Inc., is being sued by multiple U.S. states for allegedly colluding with landlords to illegally raise rents.
Read more
Credit to Author: BrianKrebs| Date: Thu, 11 Apr 2024 20:48:06 +0000
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said today it is investigating a breach at business intelligence company Sisense, whose products are designed to allow companies to view the status of multiple third-party online services in a single dashboard. CISA urged all Sisense customers to reset any credentials and secrets that may have been shared with the company, which is the same advice Sisense gave to its customers Wednesday evening.
Read more
Credit to Author: BrianKrebs| Date: Wed, 10 Apr 2024 14:28:17 +0000
On April 9, Twitter/X began automatically modifying links that mention “twitter.com” to redirect to “x.com” instead. But over the past 48 hours, dozens of new domain names have been registered that demonstrate how this change could be used to craft convincing phishing links — such as fedetwitter[.]com, which is currently rendered as fedex.com in tweets.
Read more