Commando Cat: A Novel Cryptojacking Attack Abusing Docker Remote API Servers

June 6, 2024 at 03:59AM Summary: A novel cryptojacking attack campaign called Commando Cat exploits exposed Docker remote API servers to deploy cryptocurrency miners using Docker images from the open-source Commando project. Malicious actors use the cmd.cat/chattr image to gain initial access, employing techniques like chroot and volume binding to access the host system. Recommendations …

SANS’s 2024 Threat-Hunting Survey Review

June 5, 2024 at 12:48PM The 2024 SANS Threat-Hunting Survey reveals a growing maturity in threat-hunting methodologies, reflecting an increased adoption of formal processes in cybersecurity strategies. The survey also highlights evolving practices in sourcing intelligence, outsourcing threat hunting, and challenges related to skill shortages and tool limitations. Organizations are striving to enhance threat hunting …

A SANS’s 2024 Threat-Hunting Survey Review

June 4, 2024 at 05:16PM The 2024 SANS Threat Hunting Survey reveals a rise in organizations adopting formal threat-hunting processes, reflecting a standardized approach in cybersecurity strategies. The survey’s participants span various industries and organization sizes, showcasing the multifaceted nature of threat hunting. Notably, prevalent cyber threats include BEC and ransomware, prompting evolving threat-hunting practices …

Bolster Raises $14 Million for AI-Powered Phishing Protection

May 23, 2024 at 09:09AM Bolster, a multi-channel phishing protection provider, has secured $14 million in a Series B funding round led by Microsoft’s M12, with additional funding from several other ventures. The Santa Clara-based company founded in 2019 uses AI and ML to prevent phishing and impersonation attacks. The funding will accelerate go-to-market initiatives …

CensysGPT: AI-Powered Threat Hunting for Cybersecurity Pros (Webinar)

May 10, 2024 at 09:36AM Artificial intelligence (AI) is revolutionizing cybersecurity by outsmarting advanced cyber threats. “The Future of Threat Hunting is Powered by Generative AI” webinar, led by Censys Security Researcher Aidan Holland, will showcase CensysGPT – a cutting-edge tool enabling quicker threat detection, simplified competitor searches, and actionable insights from network data. Attend …

Intel 471 Acquires Cyborg Security

May 1, 2024 at 06:06PM Intel 471 announced the acquisition of Cyborg Security to enhance threat hunting capabilities. The merger aims to provide intelligence-led threat hunting and support operational success, aiming to deliver ROI for customers. The convergence of threat hunting and CTI is driving the cybersecurity industry. The move combines Intel 471’s CTI prowess …

Webinar: Learn Proactive Supply Chain Threat Hunting Techniques

April 23, 2024 at 08:27AM A webinar titled “Supply Chain Under Siege: Unveiling Hidden Threats” is being offered by industry experts to equip attendees with knowledge on identifying and neutralizing supply chain threats in the cybersecurity landscape. The session will cover the anatomy of supply chain threats, proactive threat hunting methodologies, case studies, practical steps …

Kremlin’s Sandworm blamed for cyberattacks on US, European water utilities

April 17, 2024 at 04:04PM The notorious Russian military cyber unit, Sandworm, linked to GRU intelligence, engaged in cyberattacks on US and European water and hydroelectric utilities, causing disruptions and a water tank overflow. The group has targeted Ukraine and also impacted US and European critical infrastructure. Mandiant warned of the ongoing threat posed by …

CISA Releases Malware Next-Gen Analysis System for Public Use

April 10, 2024 at 04:18PM CISA has made its Malware Next-Gen system available for public use, allowing organizations to submit potentially malicious files or URLs for automatic analysis. The service, previously accessible only to .gov and .mil organizations, has already identified around 200 suspicious or malicious files and URLs, demonstrating its value in cyber threat …

Google reveals zero-day exploits in enterprise tech surged 64% last year

March 27, 2024 at 10:06AM The latest report by Google’s Threat Analysis Group and Mandiant reveals a surge in zero-day exploits targeting enterprise-specific software and appliances, surpassing overall zero-day bugs. The increase signals a shift in malicious exploitation targets, with a significant rise in exploits affecting enterprise technologies. The report also delves into the motivations …