Turning Jenkins Into a Cryptomining Machine From an Attacker’s Perspective

July 5, 2024 at 05:04AM Summary: The blog entry discusses how attackers can use the Jenkins Script Console for cryptomining by executing malicious Groovy scripts if the console is not properly configured. Misconfigurations and vulnerable Jenkins servers can enable remote code execution and the deployment of cryptocurrency miners. The entry also provides mitigations and indicators …

Noodle RAT: Reviewing the Backdoor Used by Chinese-Speaking Groups

June 14, 2024 at 08:43AM The blog entry analyzes the Noodle RAT backdoor, indicating it is used by Chinese-speaking groups involved in espionage and cybercrime. It covers the history, functionalities, communication protocols, and similarities to other malware such as Gh0st RAT and Rekoobe. The potential server-side components of Noodle RAT were also disclosed. For more …

Noodle RAT: Reviewing the New Backdoor Used by Chinese-Speaking Groups

June 11, 2024 at 04:39AM Summary: This blog post analyzes the Noodle RAT backdoor, used by Chinese-speaking groups in cybercrime and espionage. It covers the backdoor’s history, capabilities for Windows and Linux, command-and-control communication, backdoor commands, similarities with Gh0st RAT and Rekoobe, and the discovery of a control panel and builder for Noodle RAT. Authors: …

Commando Cat: A Novel Cryptojacking Attack Abusing Docker Remote API Servers

June 6, 2024 at 03:59AM Summary: A novel cryptojacking attack campaign called Commando Cat exploits exposed Docker remote API servers to deploy cryptocurrency miners using Docker images from the open-source Commando project. Malicious actors use the cmd.cat/chattr image to gain initial access, employing techniques like chroot and volume binding to access the host system. Recommendations …

SANS’s 2024 Threat-Hunting Survey Review

June 5, 2024 at 12:48PM The 2024 SANS Threat-Hunting Survey reveals a growing maturity in threat-hunting methodologies, reflecting an increased adoption of formal processes in cybersecurity strategies. The survey also highlights evolving practices in sourcing intelligence, outsourcing threat hunting, and challenges related to skill shortages and tool limitations. Organizations are striving to enhance threat hunting …

A SANS’s 2024 Threat-Hunting Survey Review

June 4, 2024 at 05:16PM The 2024 SANS Threat Hunting Survey reveals a rise in organizations adopting formal threat-hunting processes, reflecting a standardized approach in cybersecurity strategies. The survey’s participants span various industries and organization sizes, showcasing the multifaceted nature of threat hunting. Notably, prevalent cyber threats include BEC and ransomware, prompting evolving threat-hunting practices …

Bolster Raises $14 Million for AI-Powered Phishing Protection

May 23, 2024 at 09:09AM Bolster, a multi-channel phishing protection provider, has secured $14 million in a Series B funding round led by Microsoft’s M12, with additional funding from several other ventures. The Santa Clara-based company founded in 2019 uses AI and ML to prevent phishing and impersonation attacks. The funding will accelerate go-to-market initiatives …

CensysGPT: AI-Powered Threat Hunting for Cybersecurity Pros (Webinar)

May 10, 2024 at 09:36AM Artificial intelligence (AI) is revolutionizing cybersecurity by outsmarting advanced cyber threats. “The Future of Threat Hunting is Powered by Generative AI” webinar, led by Censys Security Researcher Aidan Holland, will showcase CensysGPT – a cutting-edge tool enabling quicker threat detection, simplified competitor searches, and actionable insights from network data. Attend …

Intel 471 Acquires Cyborg Security

May 1, 2024 at 06:06PM Intel 471 announced the acquisition of Cyborg Security to enhance threat hunting capabilities. The merger aims to provide intelligence-led threat hunting and support operational success, aiming to deliver ROI for customers. The convergence of threat hunting and CTI is driving the cybersecurity industry. The move combines Intel 471’s CTI prowess …

Webinar: Learn Proactive Supply Chain Threat Hunting Techniques

April 23, 2024 at 08:27AM A webinar titled “Supply Chain Under Siege: Unveiling Hidden Threats” is being offered by industry experts to equip attendees with knowledge on identifying and neutralizing supply chain threats in the cybersecurity landscape. The session will cover the anatomy of supply chain threats, proactive threat hunting methodologies, case studies, practical steps …