Forecasting Metaverse Threats: Will it Become Metaworse?

Forecasting Metaverse Threats: Will it Become Metaworse?

The term “metaverse” was first used by Neal Stephenson in his 1992 cyberpunk novel Snow Crash. It describes a virtual world that can be explored using avatars, offering players a completely immersive experience. Today, we see similar worlds in massively multiplayer online role-playing games (MMORPGs) such as Roblox, Minecraft, Fortnite, Second Life, and others, but these games are still nowhere close to the immersive experience described in Snow Crash.  The modern metaverse concept consists of…

Read More

Facebook’s Metaverse is Expanding the Attack Surface

Facebook’s Metaverse is Expanding the Attack Surface

Thirty years ago, Paramount trademarked the name “Holodeck.” An artifact of Star Trek: The Next Generation, the holodeck was a magical, computer-generated world where characters lived in another realm – either a historical place or an entirely fictious domain, based on old movies, books, or a character’s imagination. As in much science fiction, the holodeck’s inner workings were never explained, except when dealing with a malfunction: the safety protocols stopped working, an alien took over the…

Read More

Oil and Gas Cybersecurity: Industry Overview Part 1

Oil and Gas Cybersecurity: Industry Overview Part 1

The oil and gas industry is no stranger to major cybersecurity attacks, attempting to disrupt operations and services. Most of the best understood attacks against the oil industry are initial attempts to break into the corporate networks of oil companies. Geopolitical tensions can cause major changes not only in physical space, but also in cyberspace. In March 2022, our researchers observed several alleged cyberattacks perpetrated by different groups. It has now become important more than…

Read More

SolidBit Ransomware Enters the RaaS Scene and Takes Aim at Gamers and Social Media Users With New Variant

SolidBit Ransomware Enters the RaaS Scene and Takes Aim at Gamers and Social Media Users With New Variant

SolidBit Ransomware Enters the RaaS Scene and Takes Aim at Gamers and Social Media Users With New Variant This blog entry offers a technical analysis of a new SolidBit variant that is posing as different applications to lure gamers and social media users. The SolidBit ransomware group appears to be planning to expand its operations through these fraudulent apps and its recruitment of ransomware-as-a-service affiliates. By: Nathaniel Morales, Ivan Nicole Chavez, Monte de Jesus, Lala…

Read More

Gootkit Loader’s Updated Tactics and Fileless Delivery of Cobalt Strike

Gootkit Loader’s Updated Tactics and Fileless Delivery of Cobalt Strike

Gootkit Loader’s Updated Tactics and Fileless Delivery of Cobalt Strike Cyber Threats Gootkit has been known to use fileless techniques to drop Cobalt Strike and other malicious payloads. Insights from a recent attack reveal updates in its tactics. By: Buddy Tancio, Jed Valderama July 27, 2022 Read time:  ( words) Our in-depth analysis of what began as an unusual PowerShell script revealed intrusion sets associated with Gootkit loader. In the past, Gootkit used freeware installers…

Read More

Trend Micro Joins AWS Marketplace Vendor Insights

Trend Micro Joins AWS Marketplace Vendor Insights

Cloud computing is on a roll. Gartner predicts that spending on public cloud services including IaaS, SaaS and PaaS will reach nearly $500bn this year and grow by over 21% to hit $600bn by 2023. But security concerns persist. Marketplaces like the one offered by AWS make it a lot easier to get the right security tools in the hands of those that need them most. But finding the right cybersecurity partners can still be…

Read More

Better Together: AWS and Trend Micro

Better Together: AWS and Trend Micro

There’s a very good reason why AWS remains a leader in cloud computing. While many providers describe themselves as “customer obsessed,” few come close to our long-time partner in the lengths it goes to earn and retain the trust of its customers. AWS starts with the customer and works backwards. That means the vast majority of its feature enhancements and new services are directly driven from their input. The latest is Amazon GuardDuty Malware Protection….

Read More

LockBit Ransomware Group Augments Its Latest Variant, LockBit 3.0, With BlackMatter Capabilities

LockBit Ransomware Group Augments Its Latest Variant, LockBit 3.0, With BlackMatter Capabilities

As part of its encryption process, LockBit 3.0 appends the extension HLJkNskOq (Figure 3) and changes the icons of encrypted files to that of the aforementioned .ico file. Similarities to BlackMatter ransomware Researchers have pointed out that portions of LockBit 3.0’s code seem to be borrowed from the BlackMatter ransomware, hence the nickname LockBit Black. Likewise, we found similarities between BlackMatter and the new LockBit variant during our debugging of the LockBit 3.0 sample. From…

Read More

Alibaba OSS Buckets Compromised to Distribute Malicious Shell Scripts via Steganography

Alibaba OSS Buckets Compromised to Distribute Malicious Shell Scripts via Steganography

Alibaba OSS Buckets Compromised to Distribute Malicious Shell Scripts via Steganography Cloud In this blog entry, we discuss a malicious campaign that targets Alibaba Cloud’s OSS buckets with leaked credentials for malware distribution and cryptojacking. By: Alfredo Oliveira, David Fiser July 21, 2022 Read time:  ( words) Previously, we reported on how threat actors are targeting multiple cloud environments such as Huawei Cloud to host cryptocurrency-mining malware by abusing misconfiguration issues and weak or stolen…

Read More
1 11 12 13 14 15 27