AWS re:Invent 2021 Guide: Checklist & Key Sessions

Cyber Threats. Welcome to your complete guide to AWS re:Invent 2021, where you will find tips on how to get the most out of your conference experience both in Las Vegas and virtually. By: Aaron Ansari, November 29, 2021. AWS re:Invent is back in person for 2021 – providing the opportunity for viewing of their world-class content in the flesh. If you decide…

BazarLoader Adds Compromised Installers, ISO to Arrival and Delivery Vectors

Conclusion: The number of arrival mechanism variations used in BazarLoader campaigns continues to increase as threat actors diversify their attack patterns to evade detection. However, both techniques are noteworthy and still work despite their lack of novelty due to singular detection technologies’ limitations. For instance, while the use of compromised installers has been observed with other malware, the large file size can still challenge detection solutions — such as sandboxes — which may implement file…

This Week in Security News – November 19, 2021

Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened over the past few days. This week, learn about how the QAKBOT Loader malware has evolved its techniques and strategies over time. Also, read about the most recent initiative by the legislation to further cybersecurity protection. Read on:

QAKBOT Loader Returns with New Techniques and Tools

QAKBOT is a prevalent information-stealing malware that was first…

Squirrelwaffle Exploits ProxyShell and ProxyLogon to Hijack Email Chains

Exploits & Vulnerabilities. Squirrelwaffle is known for using the tactic of sending malicious spam as replies to existing email chains. We look into how by investigating its exploit of Microsoft Exchange Server vulnerabilities, ProxyLogon and ProxyShell. By: Mohamed Fahmy, Sherif Magdy, Abdelrhman Sharshar, November 19, 2021. In September, Squirrelwaffle emerged as a new loader that is spread through spam campaigns. It is…

Digital Transformation Post-Pandemic Stats & Research

IT and business leaders have rarely seen eye-to-eye on cybersecurity, but today the friction seems more pronounced than ever. New Trend Micro research found that over 90% of IT decision-makers believe their organization would be willing to compromise on cybersecurity in favor of other priorities like digital transformation, productivity or customer experience. The short-term benefits of such a strategy are not worth the long-term costs. To succeed in the post-pandemic era, organizations must reconcile this…

Global Operations Lead to Arrests of Alleged Members of GandCrab/REvil and Cl0p Cartels

A total of 13 suspects believed to be members of two prolific cybercrime rings were arrested as a global coalition across five continents involving law enforcement and private partners, including Trend Micro, sought to crack down on big ransomware operators.

About the GandCrab/REvil arrests

According to a report by Interpol, the global operation, which was done by 19 law enforcement agencies in 17 countries, led to the apprehension of seven suspects linked as “affiliates” or…

Groups Target Alibaba ECS Instances for Cryptojacking

Cloud. We looked at how some malicious groups disable features in Alibaba Cloud ECS instances for illicit mining of Monero. By: David Fiser, Alfredo Oliveira, November 15, 2021. It’s been known that threat actors are actively exploiting misconfigured Linux-powered servers, regardless of whether they run on-premises or in the cloud. The compromised devices are mostly used for cryptojacking purposes with the dominance of mining…

TeamTNT Upgrades Arsenal, Refines Focus on Kubernetes and GPU Environments

Using a new batch of campaign samples, we take a look at its more recent cybercrime contributions and compare them with its previous deployments to demonstrate the group’s use of upgraded tools and payloads. By: David Fiser, Alfredo Oliveira, November 11, 2021. In previous entries, we described how the hacking group TeamTNT targeted unsecured Redis instances, exposed Docker APIs, and vulnerable Kubernetes clusters in order to deploy cryptocurrency-mining payloads and credential…

Adjusting remote work policies in the future will prepare companies for next wave of threats

2021-08-04 | Security Magazine
