Shadowy hacking group targeting Israel shows outsized capabilities

A sophisticated campaign that has targeted Israel for at least 8 years shows evidence of improving its capabilities.

The post Shadowy hacking group targeting Israel shows outsized capabilities appeared first on CyberScoop.


Researchers unearth highly evasive “parasitic” Linux malware

Security researchers at Intezer and BlackBerry have documented Symbiote, a wholly unique, multi-purpose piece of Linux malware that is nearly impossible to detect. “What makes Symbiote different from other Linux malware that we usually come acros…

IceID trojan delivered via hijacked email threads, compromised MS Exchange servers

A threat actor is exploiting vulnerable on-prem Microsoft Exchange servers and using hijacked email threads to deliver the IceID (BokBot) trojan without triggering email security solutions. “The payload has also moved away from using office docum…

A new multi-platform backdoor is leveraged by an advanced threat actor

A novel multi-platform backdoor dubbed SysJoker has been successfully evading security solutions since mid-2011. “In the Linux and macOS versions, it masquerades as a system update. In the Windows version, it masquerades as Intel drivers. The upd…

Lightspin adds four executive members to its Advisory Board and Board of Directors

Lightspin announced the addition of four strategic executive members to its advisory board and board of directors: Guarav Kumar, Srinath Kuruvadi, Steve Pugh, and Ron Zoran. The new members each have an established track record as industry CISOs and cl…

How do I select a cloud security solution for my business?

Attackers increasingly strive to leverage cloud weaknesses that enable them to deliver malware to end users, gain unauthorized access to production environments or their data, or completely compromise a target environment. This strategy is known as a w…

TeamTNT Gains Full Remote Takeover of Cloud Instances

Using a legitimate tool called Weave Scope, the cybercrime group is establishing fileless backdoors on targeted Docker and Kubernetes clusters.

Siemplify and Intezer: Incorporate Genetic Malware Analysis into Your SOAR Platform (Video)

One of the most common and time-consuming cases security operations centers (SOCs) must complete daily are malware investigations. Part…
The post Siemplify and Intezer: Incorporate Genetic Malware Analysis into Your SOAR Platform (Video) appea…

Memory analysis is the ground truth

In recent years, enterprises have adopted next-gen endpoint protection products that are doing an admirable job detecting anomalies. For example, searching for patterns such as remote access to memory, modification of specific registry keys and alertin…

Shopify, Intezer, & Weaponized Vuln. – Hack Naked News #215

This week, a weather channel that was knocked off air by a malicious attack, how bad bots make up 20 percent of web traffic, ransomware ravages municipalities nationwide, a flaw in Shopify API exposed revenue and traffic data of thousands of stores…