Credit to Author: Michael Langford| Date: Wed, 11 Jan 2023 00:00:00 +0000
HSTS is an Internet standard and policy that tells the browser to only interact with a website using a secure HTTPS connection. Check out this article to learn how to leverage the security of your website and customers’ data and the security benefits you’ll gain from doing so.
Read moreCredit to Author: Junestherry Dela Cruz| Date: Tue, 17 Jan 2023 00:00:00 +0000
We discuss the Batloader malware campaigns we observed in the last quarter of 2022, including our analysis of Water Minyades-related events (This is the intrusion set we track behind the creation of Batloader).
Read moreCredit to Author: Peter Girnus| Date: Tue, 17 Jan 2023 00:00:00 +0000
We discovered an active campaign ongoing since at least mid-2022 which uses Middle Eastern geopolitical-themed lures to distribute NjRAT (also known as Bladabindi) to infect victims across the Middle East and North Africa.
Read moreCredit to Author: Nitesh Surana| Date: Mon, 16 Jan 2023 00:00:00 +0000
Proof of Concept (POC): We investigate one of the GitHub Codespaces’ real-time code development and collaboration features that attackers can abuse for cloud-based trusted malware delivery. Once exploited, malicious actors can abuse legitimate GitHub accounts to create a malware file server.
Read moreCredit to Author: Vince Kearns| Date: Thu, 12 Jan 2023 00:00:00 +0000
As the threat landscape evolves and the cost of data breaches increase, so will cyber insurance requirements from carriers. Cyber Risk Specialist Vince Kearns shares his 4 predictions for 2023.
Read moreCredit to Author: Michael Draeger| Date: Tue, 10 Jan 2023 00:00:00 +0000
Running real-world attack simulations can help improve organizations’ cybersecurity resilience
Read moreCredit to Author: Hitomi Kimura| Date: Mon, 09 Jan 2023 00:00:00 +0000
We analyzed the infection routine used in recent Gootkit loader attacks on the Australian healthcare industry and found that Gootkit leveraged SEO poisoning for its initial access and abused legitimate tools like VLC Media Player.
Read moreCredit to Author: Armando Nathaniel Pedragoza| Date: Thu, 05 Jan 2023 00:00:00 +0000
The Dridex variant we analyzed targets MacOS platforms with a new technique to deliver documents embedded with malicious macros to users.
Read moreCredit to Author: Kazuhisa Tagaya| Date: Mon, 26 Dec 2022 00:00:00 +0000
Yohei Ishihara, IoT security evangelist at Trend Micro, discussed the challenges CISOs facing within organizations driving industrial IoT.
Read moreCredit to Author: Ian Kenefick| Date: Fri, 23 Dec 2022 00:00:00 +0000
We analyze the latest changes in IcedID botnet from a campaign that abuses Google pay per click (PPC) ads to distribute IcedID via malvertising attacks.
Read more