New CRON#TRAP Malware Infects Windows by Hiding in Linux VM to Evade Antivirus

Cybersecurity researchers have flagged a new malware campaign that infects Windows systems with a Linux virtual instance containing a backdoor capable of establishing remote access to the compromised hosts.
The “intriguing” campaign, codenamed CRON#TRA… Continue reading New CRON#TRAP Malware Infects Windows by Hiding in Linux VM to Evade Antivirus

Posted in Uncategorized

Apple’s 45-day certificate proposal: A call to action

In a bold move, Apple has published a draft ballot for commentary to GitHub to shorten Transport Layer Security (TLS) certificates down from 398 days to just 45 days by 2027. The Apple proposal will likely go up for a vote among Certification Authority… Continue reading Apple’s 45-day certificate proposal: A call to action

Am I Isolated: Open-source container security benchmark

Am I Isolated is an open-source container security benchmark that probes users’ runtime environments and tests for container isolation. The Rust-based container runtime scanner runs as a container, detecting gaps in users’ container runtime isola… Continue reading Am I Isolated: Open-source container security benchmark

CISA Alerts to Active Exploitation of Critical Palo Alto Networks Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a now-patched critical security flaw impacting Palo Alto Networks Expedition to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation… Continue reading CISA Alerts to Active Exploitation of Critical Palo Alto Networks Vulnerability

Posted in Uncategorized

A closer look at the 2023-2030 Australian Cyber Security Strategy

In this Help Net Security video, David Cottingham, CEO of Airlock Digital, discusses the 2023-2030 Australian Cyber Security Strategy and reviews joint and individual cybersecurity efforts, progress, and strategies over the past year. The Australian Go… Continue reading A closer look at the 2023-2030 Australian Cyber Security Strategy

Why AI-enhanced threats and legal uncertainty are top of mind for risk executives

AI-enhanced malicious attacks are the top emerging risk for enterprises in the third quarter of 2024, according to Gartner. Key emerging risks for enterprises It’s the third consecutive quarter with these attacks being the top of emerging risk. IT vend… Continue reading Why AI-enhanced threats and legal uncertainty are top of mind for risk executives