New RustDoor macOS malware impersonates Visual Studio update

February 9, 2024 at 11:00AM A new Rust-based macOS malware, known as RustDoor, has been spreading disguised as a Visual Studio update and provides backdoor access to compromised systems. Its command-and-control servers overlap with infrastructure previously linked to the ALPHV/BlackCat ransomware gang, suggesting a possible connection to ransomware operations. The malware has advanced capabilities and is distributed under …

Why Demand for Tabletop Exercises is Growing

February 8, 2024 at 12:54PM Tabletop exercises are a cost-effective method to assess an organization’s ability to defend against and respond to cyberattacks.

‘Ov3r_Stealer’ Malware Spreads Through Facebook to Steal Crates of Info

February 8, 2024 at 11:40AM “Ov3r_Stealer” is a novel information stealer spread to Facebook users through fake job ads. It steals geolocation data, passwords, and credit card information, among other data. The malware uses multiple execution methods, and attribution is complicated by its operators’ use of several communication channels and pseudonyms. As a modular tool, it can load other malware and pose a …

Cybercrime duo accused of picking $2.5M from Apple’s orchard

February 8, 2024 at 09:08AM A cybersecurity researcher and an associate have been charged in California with allegedly defrauding a tech company (most likely Apple) of $2.5 million. According to an unsealed indictment, they gained access to the company’s systems via a third-party contractor, ordered gift cards and hardware, and sold them to third parties. The …

IoT Networks Face Advancing Adversaries, Bug Barrage

February 8, 2024 at 08:11AM Telemetry data reveals the heightened risk to IoT and OT networks from sophisticated attacks and a surge in vulnerabilities. Nozomi Networks’ analysis of 2023 data highlights a spike in threats, signaling a shift toward more sophisticated attack methods, even as attacks on IoT devices decreased by 12%. The increase …

New Report From Flare Highlights Pervasive Threat of Initial Access Brokers in NATO Countries

February 7, 2024 at 04:18PM Flare, a continuous threat exposure management (CTEM) vendor, has released a report analyzing the threat that initial access brokers (IABs) on Russian-language hacking forums pose to NATO countries. The report identified recent IAB activity in 21 of the 31 NATO countries, with a focus on critical infrastructure sectors and the US …

Google Open Sources AI-Boosted Fuzzing Framework

February 6, 2024 at 08:35AM Google has open-sourced a fuzzing framework that uses AI to enhance code coverage and accelerate vulnerability discovery.

Why the Right Metrics Matter When it Comes to Vulnerability Management

February 4, 2024 at 12:19PM The article emphasizes measuring the effectiveness of vulnerability management programs with the right metrics and analytics. It highlights key metrics to track: scan coverage, average time to fix, risk score, open issue counts, and attack surface monitoring. Proper measurement enables informed decision-making, resource allocation, and improved security …
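To make the metrics above concrete, here is an added example (not code from the article) that computes scan coverage, mean time to fix, a severity-weighted open risk score, and SLA breaches over a small set of findings. The findings, asset inventory, SLA thresholds and risk weights are all constructed for illustration and are not taken from the article.

```python
"""Vulnerability-management metrics over a constructed set of findings.

Added example for illustration only; not the article's code. All data,
SLA thresholds and risk weights below are constructed assumptions.
"""
from datetime import date

# Constructed sample findings: 'fixed' is None while a finding is still open.
FINDINGS = [
    {"id": 1, "asset": "web-01", "severity": "critical", "opened": date(2024, 1, 2),  "fixed": date(2024, 1, 5)},
    {"id": 2, "asset": "web-01", "severity": "high",     "opened": date(2024, 1, 3),  "fixed": date(2024, 1, 20)},
    {"id": 3, "asset": "db-01",  "severity": "high",     "opened": date(2024, 1, 10), "fixed": None},
    {"id": 4, "asset": "db-01",  "severity": "medium",   "opened": date(2024, 1, 12), "fixed": date(2024, 1, 30)},
    {"id": 5, "asset": "app-02", "severity": "critical", "opened": date(2024, 1, 20), "fixed": None},
    {"id": 6, "asset": "app-02", "severity": "low",      "opened": date(2024, 1, 25), "fixed": date(2024, 2, 1)},
]

# Constructed asset inventory versus what the scanner actually reached.
INVENTORY = {"web-01", "web-02", "db-01", "app-01", "app-02"}
SCANNED = {"web-01", "db-01", "app-02"}

# Assumed remediation SLAs (days) and risk weights per severity; tune to your policy.
SLA_DAYS = {"critical": 7, "high": 30, "medium": 90, "low": 180}
RISK_WEIGHT = {"critical": 10, "high": 5, "medium": 2, "low": 1}


def scan_coverage(inventory, scanned):
    """Fraction of inventoried assets the scanner covered; the rest are blind spots."""
    if not inventory:
        return 0.0
    return len(inventory & scanned) / len(inventory)


def unscanned_assets(inventory, scanned):
    """Assets that exist in inventory but produced no scan results."""
    return sorted(inventory - scanned)


def mean_time_to_fix(findings, severity=None):
    """Average days from opened to fixed over closed findings (optionally one severity).

    Returns None when nothing has been closed, so the caller cannot mistake an
    empty set for a fast remediation time.
    """
    durations = [
        (f["fixed"] - f["opened"]).days
        for f in findings
        if f["fixed"] is not None and (severity is None or f["severity"] == severity)
    ]
    return sum(durations) / len(durations) if durations else None


def open_risk_score(findings):
    """Severity-weighted count of still-open findings: a simple backlog risk measure."""
    return sum(RISK_WEIGHT[f["severity"]] for f in findings if f["fixed"] is None)


def sla_breaches(findings, today):
    """IDs of findings that exceeded (or, if still open, are exceeding) their SLA."""
    breached = []
    for f in findings:
        end = f["fixed"] or today            # open findings are measured up to today
        if (end - f["opened"]).days > SLA_DAYS[f["severity"]]:
            breached.append(f["id"])
    return breached


def summary(findings=FINDINGS, inventory=INVENTORY, scanned=SCANNED, today=date(2024, 2, 15)):
    """Collect the program metrics into one report dict."""
    return {
        "scan_coverage": scan_coverage(inventory, scanned),
        "unscanned_assets": unscanned_assets(inventory, scanned),
        "mttf_days": mean_time_to_fix(findings),
        "mttf_critical_days": mean_time_to_fix(findings, "critical"),
        "open_risk_score": open_risk_score(findings),
        "sla_breaches": sla_breaches(findings, today),
    }


if __name__ == "__main__":
    for key, value in summary().items():
        print(f"{key}: {value}")
```

Note that overall mean time to fix looks healthy here while both open findings are already past their SLA; reporting the average alone would hide that, which is why the breach list and the per-severity figure are tracked alongside it.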

U.S. Feds Shut Down China-Linked “KV-Botnet” Targeting SOHO Routers

February 4, 2024 at 12:19PM The U.S. government neutralized the China-linked KV-botnet, used by the Volt Typhoon group to hijack U.S.-based SOHO routers that were vulnerable because they had reached end of life. The botnet relayed covert traffic through the compromised routers and VPN hardware in support of operations against critical infrastructure sectors. The law enforcement action aimed to disrupt the botnet’s activities, and officials emphasized the need for secure-by-design practices in …

Leaky Vessels flaws allow hackers to escape Docker, runc containers

February 4, 2024 at 10:39AM The “Leaky Vessels” vulnerabilities were discovered by a Snyk security researcher; they allow attackers to escape containers and access data on the underlying host. No active exploitation has been observed, but affected users are advised to apply the available security updates promptly. The flaws affect runc and BuildKit, and therefore Docker, Kubernetes, and other platforms built on them. Patched versions were released …