Attacker Hides Malicious Activity in Emulated Linux Environment

November 5, 2024 at 05:34PM
Securonix identified a novel cyberattack campaign, CRON#TRAP, where attackers use an emulated Linux environment to stage malware undetected. This technique, utilizing QEMU and Tiny Core Linux, allows covert data harvesting. Targeting North America, the campaign highlights the need for stronger phishing defenses and endpoint monitoring by organizations. …

QEMU Emulator Exploited as Tunneling Tool to Breach Company Network

March 8, 2024 at 03:45AM
Threat actors are using the QEMU open-source hardware emulator for tunneling during cyber attacks, marking the first known use of QEMU for this purpose. Kaspersky researchers discovered that QEMU enables creating virtual network interfaces, allowing communication with remote servers. This tactic demonstrates the evolving strategies of threat actors to blend …

Hackers abuse QEMU to covertly tunnel network traffic in cyberattacks

March 5, 2024 at 11:50AM
Malicious actors used QEMU as a tunneling tool to establish a network tunnel in a cyberattack on a large company. This unusual case demonstrates the diverse methods attackers use to evade detection. Kaspersky analysts discovered the attack and emphasized the need for multi-level protection, including 24/7 network monitoring, to defend …