Analyzing the FUD Malware Obfuscation Engine BatCloak

Credit to Author: Peter Girnus | Date: Fri, 09 Jun 2023 00:00:00 +0000

We look into the BatCloak engine, its modular integration into modern malware, its proliferation mechanisms, and the interoperability implications as malicious actors take advantage of its fully undetectable (FUD) capabilities.


Healthcare Cybersecurity Update from HIMSS23

Credit to Author: Kazuhisa Tagaya | Date: Fri, 19 May 2023 00:00:00 +0000

This update reports on the current state of cybersecurity in the healthcare industry, drawing on CISA’s keynote at the HIMSS23 Cybersecurity Forum.


Rust-Based Info Stealers Abuse GitHub Codespaces

Credit to Author: Nitesh Surana | Date: Fri, 19 May 2023 00:00:00 +0000

This is the first part of our security analysis of an information stealer targeting GitHub Codespaces (CS) that discusses how attackers can abuse these cloud services for a variety of malicious activities.


Attackers Use Containers for Profit via TrafficStealer

Credit to Author: Alfredo Oliveira | Date: Wed, 26 Apr 2023 00:00:00 +0000

We found TrafficStealer abusing exposed container APIs to redirect traffic to specific websites and manipulate engagement with ads.


In Review: What GPT-3 Taught ChatGPT in a Year

Credit to Author: Vincenzo Ciancaglini | Date: Tue, 21 Feb 2023 00:00:00 +0000

Amid the uproar and opinions since November 2022, we look at the possibilities and implications that OpenAI’s ChatGPT presents to the cybersecurity industry, comparing it with earlier products such as its predecessor, GPT-3.


Hijacking Your Bandwidth: How Proxyware Apps Open You Up to Risk

Credit to Author: Trend Micro Research | Date: Tue, 07 Feb 2023 00:00:00 +0000

In this investigation, we analyzed several prominent “passive income” applications and found that participating in these programs may expose users to security risks.


Threat Actors Target AWS EC2 Workloads to Steal Credentials

Credit to Author: Nitesh Surana | Date: Wed, 26 Oct 2022 00:00:00 +0000

We found malicious samples attempting to steal the access keys and tokens of Amazon Elastic Compute Cloud (EC2) workloads via typosquatting and the abuse of legitimate tools.


Security Breaks: TeamTNT’s DockerHub Credentials Leak

Credit to Author: Nitesh Surana | Date: Mon, 12 Sep 2022 00:00:00 +0000

One of our honeypots based on exposed Docker REST APIs revealed a potential attack scenario by the cybercriminal group TeamTNT and a leak of the container registry credentials used by its Docker-abusing malware. The full version of this research will be presented at the c0c0n XV Hacking and Cyber Security Conference in September 2022.


Analyzing the Hidden Danger of Environment Variables for Keeping Secrets

Credit to Author: David Fiser | Date: Wed, 17 Aug 2022 00:00:00 +0000

While DevOps practitioners routinely use environment variables to hold secrets in applications, our analysis shows that these can be conveniently abused by cybercriminals for their malicious activities.


Iron Tiger Compromises Chat Application Mimi, Targets Windows, Mac, and Linux Users

Credit to Author: Daniel Lunghi | Date: Fri, 12 Aug 2022 00:00:00 +0000

We found malware from the APT group Iron Tiger compromising the servers of the chat application Mimi in a supply chain attack.
