Collaborate Disseminate
Threat actors have been abusing a bug in how Windows handles LNK files with non-standard target paths and internal structures to prevent in-built protections from stopping malicious payloads and trick users into running them. “We identified multi… Continue reading Researchers unearth MotW bypass technique used by threat actors for years
A newly spotted campaign is leveraging BPL sideloading and other uncommon tricks to deliver the IDAT Loader (aka HijackLoader) malware and prevent its detection. The campaign Spotted by Kroll’s incident responders and analyzed by the company’s Cy… Continue reading Malware peddlers experimenting with BPL sideloading and masking malicious payloads as PGP keys
At its annual re:Inforce conference, Amazon Web Services (AWS) has announced new and enhanced security features and tools. Additional multi-factor authentication option To facilitate the concerted push to get customers to secure their accounts with mul… Continue reading AWS unveils new and improved security features
An analysis of 100,000+ Windows malware samples has revealed the most prevalent techniques used by malware developers to successfully evade defenses, escalate privileges, execute the malware, and assure its persistence. Malware tactics and techniques T… Continue reading The most prevalent malware behaviors and techniques
In 2023, 50% of malware detections for SMBs were keyloggers, spyware and stealers, malware that attackers use to steal data and credentials, according to Sophos. Attackers subsequently use this stolen information to gain unauthorized remote access, ext… Continue reading Keyloggers, spyware, and stealers dominate SMB malware detections
The US Justice Department announced the completion of court-authorized operation MEDUSA, to disrupt a global peer-to-peer network of computers compromised by sophisticated malware, called “Snake” (aka “Uroburos”), that the US Government att… Continue reading Turla’s Snake malware network disrupted by Five Eyes’ authorities
We’ve been developing machine learning-based cybersecurity systems for many years and began developing automation for analysis in our labs in 2005. These early automation projects have since evolved into full-blown machine-learning frameworks. Si… Continue reading Malware and machine learning: A match made in hell
There are two main types of malware analysis: static and dynamic. Performing static analysis of a malicious binary means concentrating on analyizing its code without executing it. This type of analysis may reveal to malware analysts not only what the m… Continue reading 7 open-source malware analysis tools you should try out
Unidentified cyber threat actors have started using Brute Ratel C4 (BRc4), an adversary simulation tool similar to Cobalt Strike, to try to avoid detection by endpoint security solutions and gain a foothold on target networks, Palo Alto Networks resear… Continue reading Threat actors exchange beacons for badgers to evade endpoint security
In this video for Help Net Security, Corey Nachreiner, CSO at WatchGuard Technologies, gives a high-level summary of the Internet Security Report for Q4 2021, which revealed all of the threats were up, whether they’re network attacks or malware. … Continue reading Network attacks increased to a 3-year high