Defending Users’ NAS Devices From Evolving Threats

Defending Users’ NAS Devices From Evolving Threats

Defending Users’ NAS Devices From Evolving Threats In our latest research, we analyze the threats targeting well-known brands of network-attached storage (NAS) devices. By: Stephen Hilt, Fernando Merces January 20, 2022 Read time:  ( words) Threats to the internet of things (IoT) continue to evolve as users and businesses grow increasingly reliant on these tools for constant connectivity, access to information and data, and workflow continuity. Cybercriminals have taken notice of this dependence and now…

Read More

New Ransomware Spotted: White Rabbit and Its Evasion Tactics

New Ransomware Spotted: White Rabbit and Its Evasion Tactics

New Ransomware Spotted: White Rabbit and Its Evasion Tactics Ransomware We analyze the ransomware White Rabbit and bring into focus the familiar evasion tactics employed by this newcomer. By: Arianne Dela Cruz, Bren Matthew Ebriega, Don Ovid Ladores, Mary Yambao January 18, 2022 Read time:  ( words) We spotted the new ransomware family White Rabbit discretely making a name for itself by executing an attack on a local US bank in December 2021. This newcomer takes a page from Egregor, a more established ransomware family, in hiding its malicious activity and carries a potential connection to the advanced persistent…

Read More

Earth Lusca Employs Sophisticated Infrastructure, Varied Tools and Techniques

Earth Lusca Employs Sophisticated Infrastructure, Varied Tools and Techniques

Since mid-2021, we have been investigating a rather elusive threat actor called Earth Lusca that targets organizations globally via a campaign that uses traditional social engineering techniques such as spear phishing and watering holes. The group’s primary motivation seems to be cyberespionage: the list of its victims includes high value targets such as government and educational institutions, religious movements, pro-democracy and human rights organizations in Hong Kong, Covid-19 research organizations, and the media, among others. However,…

Read More

Cybersecurity for Industrial Control Systems: Part 1

Cybersecurity for Industrial Control Systems: Part 1

Cybersecurity for Industrial Control Systems: Part 1 Ransomware In this two-part series, we look into various cybersecurity threats that affected industrial control systems endpoints. We also discuss several insights and recommendations to mitigate such threats. By: Trend Micro Research January 15, 2022 Read time:  ( words) The ever-changing technological landscape has made it possible for the business process on the IT side of an enterprise to be interconnected with the physical process on the OT…

Read More

Analyzing an Old Bug and Discovering CVE-2021-30995

Analyzing an Old Bug and Discovering CVE-2021-30995

On April 26, 2021 Apple patched CVE-2021-1740, which was a vulnerable function inside the system daemon process cfprefsd (these types of processes usually run in the background and handle system tasks). The bug could have been exploited to read arbitrary files, write arbitrary files, and get root privilege escalation. It was addressed in Apple’s Security Update 2021-002 (Catalina) for a variety of Apple operating systems, including iOS and macOS. However, in early August 2021, Zhipeng…

Read More

Codex Exposed How Low Is Too Low When We Generate Code

Codex Exposed How Low Is Too Low When We Generate Code

Codex Exposed How Low Is Too Low When We Generate Code In a series of blog posts, we explore different aspects of Codex and assess its capabilities with a focus on the security aspects that affect not only regular developers but also malicious users. This is the second part of the series. By: Forward-Looking Threat Research Team January 14, 2022 Read time:  ( words) In June 2020, OpenAI released version 3 of its Generative Pre-trained…

Read More

This Week in Security News – January 14, 2022

This Week in Security News – January 14, 2022

Read on: Defending Systems Against Attacks with Layers of Remote Control As organizations brace themselves for the year ahead, now is an opportune time to take stock of how they can strengthen their security posture and shore up their defenses. While organizations may have the power of leading-edge cybersecurity solutions on their side, malicious actors continue to work diligently to refine their methods and take advantage of vulnerabilities every chance they get. Congress To Update…

Read More

LoRaWAN’s Protocol Stacks: The Forgotten Targets at Risk

LoRaWAN’s Protocol Stacks: The Forgotten Targets at Risk

First, we compiled the code into something easily handled by a fuzzer. For our purposes, we used the generation method that will allow us to cover as many code paths as possible with legitimate and dumb fuzzing using the AFL++ framework (evolution of AFL). This supplies some instrumentation for mutating pseudorandom bits, bytes, and words. We also attempted to collect every type of message that could be interpreted by the parser. We used the persistent…

Read More

Defending Systems Against Attacks With Layers of Remote Control

Defending Systems Against Attacks With Layers of Remote Control

Fortunately, we were able to provide the customer with timely alert and intervention from the moment the initial intrusion via the cloud server was observed all the way to guidance during the cleanup and remediation process. Insights from the threat report and the threat handling perspective Incidents such as this provide security teams opportunities to see attacks from different angles and in a big-picture manner. We discuss key insights below that organizations can consider when…

Read More

This Week in Security News – January 7, 2022

This Week in Security News – January 14, 2022

Read on: Are Endpoints at Risk for Log4Shell Attacks The end of 2021 saw the emergence of the Log4Shell (CVE-2021-44228) vulnerability, a critical vulnerability in the ubiquitous Java logging package Apache Log4j. Exploiting Log4Shell via crafted log messages can allow an attacker to execute code on remote machines. The potential impact of this vulnerability is great enough that it scores a 10.0 rating based on CVSS version 3.x and a 9.3 rating based on CVSS…

Read More
1 21 22 23 24 25 27