Security Affairs

JUNE 9, 2022

Researchers spotted a previously undocumented Chinese-speaking APT, tracked as Aoqin Dragon, targeting entities in Southeast Asia and Australia. Luring users into double-clicking a fake Anti-Virus to execute malware in the victim’s host. Luring users into double-clicking a fake Anti-Virus to execute malware in the victim’s host.

Malware 93

Malware DNS Encryption Education 93

The Last Watchdog

JUNE 4, 2019

Not only does the advanced development at these government agencies contribute to the success of cybersecurity in the state, but also so do many Maryland-based cybersecurity companies. The state counts approximately 109,000 cyber engineers. Two notable examples are Sourcefire, acquired by Cisco for $2.7B

Cybersecurity 144

Cybersecurity Computers and Electronics Technology Marketing 144

Cisco Security

FEBRUARY 25, 2022

In this blog post, I talk to Pete Kaloroumakis from MITRE, who has developed the D3FEND framework. I got into and fell in love with research and development. The first was a commercial cybersecurity company which did malware detection on high-speed networks. So, we proposed a research project to build what became D3FEND.

Engineering 100

Engineering Technology Cybersecurity Internet 100

BH Consulting

SEPTEMBER 7, 2022

This blog is the first in a series where I will cover what a cyberattack involves, outline how it’s carried out, and explain how it might differ depending on your chosen technology platform. The framework divides attacks into 14 separate categories and provides in-depth descriptions of the techniques associated with each one.

Risk 52

Risk Backups Technology Ransomware 52

Digital Shadows

NOVEMBER 10, 2022

State-sponsored advanced persistent threat (APT) groups may also decide to target global sporting events like the Qatar 2022 World Cup to achieve state goals to the hosting country or the broader event community. These potential incidents fall under four categories, brand protection, cyber threat, physical protection, and data leakage.

Cyber threats 52

Cyber threats Media Social Engineering Mobile 52

eSecurity Planet

MAY 5, 2021

Rapid7 Managed Detection and Response services use a variety of solutions for detecting advanced threats , including proprietary threat intelligence technology, human experts, analysis and behavioral analytics. This team uses all of CrowdStrike’s modules to offer comprehensive protection against malware and malware-free attacks.

Threat Detection 57

Threat Detection Technology Artificial Intelligence Cybersecurity 57

Security Boulevard

JANUARY 17, 2024

This blog post describes methods that SpecterOps consultants have researched to successfully circumvent this technology during offensive assessments. We categorize our suggested techniques into three categories: ingress, egress, and bypass. In this function, it does an excellent job.

DNS 61

DNS Penetration Testing Passwords Encryption 61

SecureList

MAY 11, 2023

A few months after last year’s blog post came out, we stumbled across a new multi-platform ransomware family, which targeted both Linux and Windows. We created a private report about this after an article claimed that the malware was used in the geopolitical conflict. We named it RedAlert/N13V.

Ransomware 115

Ransomware Malware Architecture Telecommunications 115

Security Boulevard

APRIL 20, 2022

Retail and wholesale moved from the fifth-most phished industry category all the way to first, ahead of last year’s most phished industry, manufacturing. This includes policy-defined high-risk URL categories commonly used for phishing such as newly observed and newly activated domains. Improve Your Phishing Defenses.

Phishing 112

Phishing Retail Risk Architecture 112

McAfee

SEPTEMBER 14, 2021

A special thanks to our Professional Services’ IR team, ShadowServer , for historical context on C2 domains, and Thomas Roccia /Leandro Velasco for malware analysis support. McAfee customers are protected from the malware/tools described in this blog. We will highlight a few in each category. Executive Summary.

Malware 144

Malware DNS Accountability Manufacturing 144

CyberSecurity Insiders

MARCH 5, 2021

On December 13 2020, multiple vendors such as FireEye and Microsoft reported emerging threats from a nation-state threat actor who compromised SolarWinds, and trojanized SolarWinds Orion business software updates in order to distribute backdoor malware called SUNBURST. Distribution of Victims by Industry Category. DomainName.

DNS 138

DNS Education Malware Telecommunications 138

ForAllSecure

FEBRUARY 22, 2023

WIENS: Yeah, so So Vector 35 grew out of a number of folks that were playing CTFs that were doing vulnerability research doing reverse engineering for government contracting purposes and then thought like, you know what, it'd be nice to see sunshine, have a window at her office, get outside, do more Hilton commercial.

Engineering 40

Engineering Hacking Wireless Marketing 40

Cisco Security

MAY 27, 2022

In part one of our Black Hat Asia 2022 NOC blog , we discussed building the network with Meraki: . Malware Threat Intelligence made easy and available, with Cisco Secure Malware Analytics and SecureX by Ben Greenbaum . Secure Malware Analytics (formerly Threat Grid) . Meraki Scanning API Receiver by Christian Clasen

Malware 72

Malware Accountability DNS Technology 72

SecureList

MAY 12, 2021

Well-known malware families are involved in the biggest and most wide-reaching campaigns. Offers with support (admittedly, more widespread in the financial malware market), usually offer regular updates and make decisions about malware updates. An example of a post on REvil’s blog that includes data stolen from the victim.

Ransomware 123

Ransomware Encryption Malware Cybercrime 123

SecureList

JULY 28, 2022

For five years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. On January 24, a hash for sophisticated Solaris SPARC malware was posted on Twitter. Recently, researchers at SEKOIA.IO The most remarkable findings. Middle East.

Malware 130

Malware Firmware Phishing Cryptocurrency 130

ForAllSecure

JANUARY 27, 2021

Hammond: I grew up, kind of like any kid like oh I want to make video games or oh I want to be a hacker, and they'll go online and kind of Google and research that sort of thing. Vamosi: Today, John has taken his juvenile curiosity in breaking things down to become a security researcher with Huntress Labs.

Computers and Electronics 52

Computers and Electronics InfoSec Hacking Education 52

ForAllSecure

JANUARY 27, 2021

Hammond: I grew up, kind of like any kid like oh I want to make video games or oh I want to be a hacker, and they'll go online and kind of Google and research that sort of thing. Vamosi: Today, John has taken his juvenile curiosity in breaking things down to become a security researcher with Huntress Labs.

Computers and Electronics 52

Computers and Electronics InfoSec Hacking Education 52

Fox IT

MAY 4, 2021

Our Research and Intelligence Fusion Team have been tracking the Gozi variant RM3 for close to 30 months. In this post we provide some history, analysis and observations on this most pernicious family of banking malware targeting Oceania, the UK, Germany and Italy. Banking malware targeting mainly Europe & Oceania.

Banking 98

Banking Malware Encryption Architecture 98