Google Security

JANUARY 11, 2024

If you need a refresher, you can read our previous blog post detailing MiraclePtr and its objectives. For instance, we not only rewrote class fields to use MiraclePtr, as discussed in the previous post, but also added MiraclePtr support for bound function arguments, such as Unretained pointers.

71

71

Security Boulevard

NOVEMBER 29, 2023

This blog post seeks to examine several of the key ideas presented in the paper, including research cited from HYAS Labs , the research arm of HYAS , and their work on AI-generated malware (specifically, BlackMamba ), as well as its more sophisticated – and fully autonomous – cousin, EyeSpy.

Artificial Intelligence 52

Artificial Intelligence Malware Risk Government 52

Malwarebytes

AUGUST 3, 2022

This blog post was authored by Ankur Saini and Hossein Jazi. In this blog post, we will analyze Woody Rat's distribution methods, capabilities as well as communication protocol. We will dive into all these commands below in the blog. Distribution methods. C2 Commands. File attributes retrieved by this command are: Filename.

Malware 65

Malware Encryption Antivirus Architecture 65

Security Boulevard

OCTOBER 21, 2021

you trust the SIEM to map the events to the correct category and not to confuse “password guessing” with “logon failure” or whatever. The same arguments apply to any/all black boxes, even if they are full of rules and not ML. Related blog posts: “Security Correlation Then and Now: A Sad Truth About SIEM”.

Passwords 59

Passwords Threat Detection Cybersecurity 59

Security Boulevard

MARCH 20, 2021

She added, “ It’s a strong argument Bob. Claire meanwhile, configured ShiftLeft analysis to lower the severity of Sensitive Data Leaks category to Info by using modify-findings CLI command as explained here. As he navigated to the SQL Injection category, he saw that ShiftLeft was presenting the entire vulnerable data flow as evidence.

Engineering 81

Engineering Passwords Technology Risk 81

NetSpi Technical

MARCH 11, 2024

This blog will cover how we discovered CVE-2024-21378 and weaponized it by modifying Ruler , an Outlook penetration testing tool published by SensePost. In late 2015, Nick Landers, Co-Founder of Dreadnode, published a blog on the abuse of Outlook Rules for RCE. USAGE: ruler form add-com [command options] [arguments.]

Authentication 52

Authentication Penetration Testing Technology Phishing 52

The Last Watchdog

JULY 27, 2020

If that sounds like a diversity argument for ethical use of AI, that’s because that’s just what it is. AI tools are designed to put people into categories, Shashanka says. This column originally appeared on Avast Blog.). A hard-to-explain model makes it impossible to get input from a diverse set of stakeholders.”

Surveillance 304

Surveillance Government Accountability Artificial Intelligence 304

SecureList

FEBRUARY 15, 2021

In the case of bitcoin blackmail, the media component was supposed to be a strong argument in the eyes of the victim for paying the ransom without delay, so cybercriminals cited the example of media personalities whose reputation suffered because of an explicit video being published. A law-abiding site owner was likely to do just that.

Phishing 136

Phishing Malware Scams Accountability 136

WIRED Threat Level

DECEMBER 22, 2017

If you’re still holding out for those tier 1 trophy reporters to cover your client, here’s my argument for why you should also think about collaborating with bloggers and social influencers. Check out the possible reach in your target industry, especially if it’s a niche category.

Media 40

Media Marketing Accountability 40

Security Boulevard

JULY 19, 2022

Welcome to my new blog series, “On Detection: Tactical to Functional,” where I intend to explore and expand my understanding of that which we attempt to detect. Tactics, Techniques, and Procedures are all abstract concepts that serve as categories to group concrete things together.

Authentication 64

Authentication Information Security Engineering InfoSec 64

SecureList

DECEMBER 23, 2020

In this blog, we describe two separate incidents. For logging and debugging purposes, the malware stores information in the file provided as the second argument ( c:programdataoracle~TMP739.TMP Relationship of recent Lazarus group attack. TMP in this case). This log file contains timestamps and information about the infection process.

Malware 76

Malware Cryptocurrency Encryption Passwords 76

Elie

DECEMBER 20, 2018

This post looks at two-factor authentication adoption in the wild, highlights the disparity of support between the various categories of websites, and illuminates how fragmented the two factor ecosystem is in terms of standard adoption. Support for various categories. reuse of passwords found in data breaches and phishing attacks.

Authentication 90

Authentication Internet Internet Software 90

Troy Hunt

AUGUST 7, 2023

We then wanted to distribute the number of domains that would fall into the commercial category roughly equally between those 4 tiers, so it was pretty much a matter of taking what was left after the free ones and dividing them into 4 groups and putting a price on them. This is a big one. A massive one.

Data breaches 229

Data breaches Accountability Cryptocurrency Banking 229

Security Boulevard

JUNE 1, 2023

Our Tool of Interest For this blog post, I will reference a sample shared by DGRonpa in their Process_Injection repository. Using this logic, we can derive an abstract category that represents or can replace any interchangeable function in a Call Stack. So let’s dig in!

Engineering 52

Engineering Malware InfoSec Threat Reports 52

Cisco Security

MAY 27, 2022

In part one of our Black Hat Asia 2022 NOC blog , we discussed building the network with Meraki: . When a Slack user executes a slash command, the command and its arguments are sent to SecureX Orchestration where a workflow handles the command. We also include risk downs breaks by category…. Workflow #1: Handle Slash Commands.

Malware 81

Malware Accountability DNS Technology 81

Troy Hunt

JULY 18, 2019

I don't care about the philosophical arguments to the contrary, I care about working software and in this case, the people have well and truly spoken. So that's all V3 supports. I don't want to have to maintain code and provide support for something people barely use when there's a perfectly viable alternative.

Authentication 230

Authentication Firewall Data breaches Mobile 230

ForAllSecure

MAY 18, 2021

So a lot of it was just kind of figuring out the landscape, looking at different people's blogs tutorials about what they'd found and then going out and trying that out against different companies with bug bounty programs. So in that way I think they were really effective way for me to learn in the real world.

Hacking 52

Hacking Ransomware Cryptocurrency Engineering 52

ForAllSecure

MAY 18, 2021

So a lot of it was just kind of figuring out the landscape, looking at different people's blogs tutorials about what they'd found and then going out and trying that out against different companies with bug bounty programs. So in that way I think they were really effective way for me to learn in the real world.

Hacking 52

Hacking Ransomware Cryptocurrency Engineering 52

Krebs on Security

OCTOBER 5, 2018

Amazon also penned a blog post that more emphatically stated their objections to the Bloomberg piece. ” For my part, I try not to spin my wheels worrying about things I can’t change, and the supply chain challenges definitely fit into that category. You cannot invest in things that the world is not ready to accept yet.'”

Computers and Electronics 229

Computers and Electronics IoT Manufacturing Technology 229

Fox IT

MAY 4, 2021

But if you would like to understand the rather tortured history of this particular malware a little better, the research and blog posts on the subject by Check Point are a good starting point. This is further complicated by the many different names used by the Cyber Threat Intelligence and Anti-Virus industries for this family of malware.

Banking 98

Banking Malware Encryption Architecture 98