Telegram CEO Pavel Durov charged with allowing criminal activity
Telegram CEO Pavel Durov has been arrested in France which raises a lot of questions about the reasons behind the arrest.
Read moreCODAC Behavioral Healthcare, US Marshalls are latest ransomware targets
Ransomware gangs love sensitive data from healthcare and support organizations to increase their leverage on the victims
Read moreProtecting Against RCE Attacks Abusing WhatsUp Gold Vulnerabilities
Credit to Author: Hitomi Kimura| Date: Thu, 12 Sep 2024 00:00:00 +0000
In this blog entry, we provide an analysis of the recent remote code execution attacks related to Progress Software’s WhatsUp Gold that possibly abused the vulnerabilities CVE-2024-6670 and CVE-2024-6671.
Read moreEarth Preta Evolves its Attacks with New Malware and Strategies
Credit to Author: Lenart Bermejo| Date: Mon, 09 Sep 2024 00:00:00 +0000
In this blog entry, we discuss our analysis of Earth Preta’s enhancements in their attacks by introducing new tools, malware variants and strategies to their worm-based attacks and their time-sensitive spear-phishing campaign.
Read moreTIDRONE Targets Military and Satellite Industries in Taiwan
Credit to Author: Pierre Lee| Date: Fri, 06 Sep 2024 00:00:00 +0000
Our research reveals that an unidentified threat cluster we named TIDRONE have shown significant interest in military-related industry chains, particularly in the manufacturers of drones.
Read moreBanking Trojans: Mekotio Looks to Expand Targets, BBTok Abuses Utility Command
Credit to Author: Mhica Romero| Date: Thu, 05 Sep 2024 00:00:00 +0000
Notorious Mekotio and BBTok are having a resurgence targeting Latin American users. Mekotio’s latest variant suggests the gang behind it is broadening their target, while BBTok is seen abusing MSBuild.exe to evade detection.
Read moreEarth Lusca Uses KTLVdoor Backdoor for Multiplatform Intrusion
Credit to Author: Cedric Pernet| Date: Wed, 04 Sep 2024 00:00:00 +0000
While monitoring Earth Lusca, we discovered the threat group’s use of KTLVdoor, a highly obfuscated multiplatform backdoor, as part of a large-scale attack campaign.
Read moreHow AI Goes Rogue
Credit to Author: AI Team| Date: Tue, 03 Sep 2024 00:00:00 +0000
This is the second blog in an ongoing series on Rogue AI. Keep following for more technical guidance, case studies, and insights.
Read moreThreat Actors Target the Middle East Using Fake Palo Alto GlobalProtect Tool
Credit to Author: Mohamed Fahmy| Date: Thu, 29 Aug 2024 00:00:00 +0000
Threat actors are targeting users in the Middle East by distributing sophisticated malware disguised as the Palo Alto GlobalProtect tool.
Read moreAI Pulse: Sticker Shock, Rise of the Agents, Rogue AI
Credit to Author: AI Team| Date: Thu, 29 Aug 2024 00:00:00 +0000
This issue of AI Pulse is all about agentic AI: what it is, how it works, and why security needs to be baked in from the start to prevent agentic AI systems from going rogue once they’re deployed.
Read more