Recent Security News
-
Analyzing AsyncRAT’s Code Injection into aspnet_compiler.exe Across Multiple Incident Response Cases
December 11, 2023 at 04:13AM The blog entry discusses the Analyzing AsyncRAT’s Code Injection into Aspnet_Compiler.exe Across Multiple Incident Response Cases, highlighting how the malware misuses legitimate processes for malicious activities and demonstrates evolving adversary tactics. It emphasizes the malware’s capabilities, infection chain, and strategies for evading detection. The entry also provides mitigation strategies and…
-
SpyLoan Scandal: 18 Malicious Loan Apps Defraud Millions of Android Users
December 11, 2023 at 03:00AM Cybersecurity researchers have uncovered 18 malicious loan apps on the Google Play Store, collectively downloaded over 12 million times. These apps target users in Southeast Asia, Africa, and Latin America, gathering personal and financial information for blackmail. It’s crucial to download apps from official sources and scrutinize permissions and reviews…
-
New PoolParty Process Injection Techniques Outsmart Top EDR Solutions
December 11, 2023 at 01:18AM A new set of process injection techniques called PoolParty was presented at Black Hat Europe 2023. These techniques allow code execution in Windows while evading endpoint detection and response systems. SafeBreach researcher Alon Leviev highlighted their capability to work across all processes, making them more flexible than existing techniques. PoolParty…
-
Over 30% of Log4J apps use a vulnerable version of the library
December 10, 2023 at 10:39AM Around 38% of Apache Log4j applications are still vulnerable to security issues, including the critical Log4Shell flaw (CVE-2021-44228) allowing unauthenticated remote code execution. Despite available patches for over two years, many organizations continue to use insecure versions. It’s recommended that companies scan their environment and develop an emergency upgrade plan…
-
Europe Reaches a Deal on the World’s First Comprehensive AI Rules
December 9, 2023 at 03:00PM EU negotiators reached a historic deal on comprehensive artificial intelligence rules, addressing generative AI, face recognition surveillance, and potential risks. While hailed as a milestone, civil society groups remain cautious, seeking more robust safeguards. The AI Act, set to be voted on in early 2022, could have global implications, with…