Hackers Abuse EDRSilencer Tool to Bypass Security and Hide Malicious Activity

October 16, 2024 at 12:30PM Threat actors are exploiting the open-source EDRSilencer tool to evade endpoint detection and response (EDR) solutions. Trend Micro reports that EDRSilencer blocks the outbound traffic of various EDR processes, aiding malicious activities by rendering security software ineffective. This trend highlights the increasing use of advanced tools to circumvent security measures. …

Critical Veeam Vulnerability Exploited to Spread Akira and Fog Ransomware

October 14, 2024 at 05:00AM Threat actors are exploiting a critical vulnerability in Veeam Backup & Replication (CVE-2024-40711) to deploy Akira and Fog ransomware, leveraging compromised VPN credentials. Sophos warns of successful attacks via unprotected systems. In parallel, new ransomware variants like Lynx and Trinity are emerging, highlighting increasing cybersecurity threats across sectors. …

The AI Threat: Deepfake or Deep Fake? Unraveling the True Security Risks

September 17, 2024 at 10:21AM The security landscape faces an unknown challenge: adversarial use of AI. BlackBerry’s whitepaper delves into AI and its threat, including deepfakes, gen-AI malware, and phishing. The paper stresses the need for effective AI detection and prevention systems to counter the evolving AI threats and the urgency of global, societal solutions. …

Strengthening enterprise storage against cyber threats

September 9, 2024 at 11:18AM Infinidat experts will present a webinar on September 16th, addressing the need for robust and resilient enterprise storage systems in the face of sophisticated cyber threats like ransomware and malware. Topics include reducing the threat window, data immutability, and rapid recovery strategies. Register to gain insights into safeguarding your organization’s data. …

New RAMBO Attack Allows Air-Gapped Data Theft via RAM Radio Signals

September 9, 2024 at 09:27AM An academic researcher has developed a new attack technique, named RAMBO, that uses radio signals from memory buses to exfiltrate data from air-gapped systems. The technique allows for the capture of encoded files, encryption keys, images, keystrokes, and biometric information at a rate of 1,000 bits per second from up …

Black Basta-Linked Attackers Target Users with SystemBC Malware

August 14, 2024 at 02:15PM An ongoing social engineering campaign linked to the Black Basta ransomware group involves multiple intrusion attempts aiming at credential theft and deploying the SystemBC malware dropper. Threat actors use tactics such as email bombing, phone calls, and fake solutions to persuade users to download legitimate remote access software for deploying …

Google Chrome adds app-bound encryption to block infostealer malware

July 30, 2024 at 01:07PM Google Chrome on Windows introduces app-bound encryption to enhance cookie protection and defend against information-stealing malware. This encryption, explained by software engineer Will Harris, ties data to app identity, making it accessible only to the intended app. The enhanced protection will be extended to passwords, payment data, and other sensitive …

Android 15, Google Play Protect get new anti-malware and anti-fraud features

May 16, 2024 at 09:35AM Google has announced new security features for Android 15 and Google Play Protect to block scams, fraud, and malware apps on devices. Also, there will be tools and policies to help developers build safer apps. The features include protection against banking malware and spyware, as well as features to protect …

Discord dismantles Spy.pet site that snooped on millions of users

April 28, 2024 at 10:30PM Discord data harvesting site Spy.pet, which gathered information on over 620 million users, was shut down after its existence became known. Discord is working to take action and considering legal action. Critical vulnerabilities in the OT world include issues in Honeywell, Hitachi Energy, and Rockwell Automation. Additionally, an infostealer campaign is …

New Chrome feature aims to stop hackers from using stolen cookies

April 2, 2024 at 02:13PM Google has unveiled a new Chrome security feature called Device Bound Session Credentials (DBSC), which cryptographically binds authentication cookies to a specific device, preventing hackers from stealing them for account hijacking. This enhanced security measure effectively thwarts cookie theft malware and is expected to be supported by half of Chrome …