Threat actors exchange beacons for badgers to evade endpoint security

Unidentified cyber threat actors have started using Brute Ratel C4 (BRc4), an adversary simulation tool similar to Cobalt Strike, to try to avoid detection by endpoint security solutions and gain a foothold on target networks, Palo Alto Networks resear…

Network attacks increased to a 3-year high

In this video for Help Net Security, Corey Nachreiner, CSO at WatchGuard Technologies, gives a high-level summary of the Internet Security Report for Q4 2021, which revealed all of the threats were up, whether they’re network attacks or malware. …

Detect and identify IoT malware by analyzing electromagnetic signals

Electromagnetic (EM) emanations can be recorded and used to detect and identify malware running on IoT devices, a group of researchers working at IRISA have proven. This novel malware detection approach also offer…

Malicious Python packages employ advanced detection evasion techniques

JFrog researchers have discovered 11 malicious Python packages on PyPI, the official third-party package repository for Python, which have been collectively downloaded over 41,000 times. This is not the first time that malicious packages have been succ…

Product showcase: ESET Cybersecurity Awareness Training

Engaging training scenarios, plus robust phishing simulation and reporting capabilities. ESET is a market-leading cybersecurity provider, offering a comprehensive security platform for organizations throughout the world. To counter the complex attacks u…

Zero day malware reached an all-time high of 74% in Q1 2021

74% of threats detected in Q1 2021 were zero day malware – that is, malware which a signature-based antivirus solution did not detect at the time of the malware release – capable of circumventing conventional antivirus solutions, according to WatchGuard. T…

Years-old MS Office, Word flaws most exploited to deliver malware

29% of malware captured was previously unknown, due to the widespread use of packers and obfuscation techniques by attackers seeking to evade detection, according to an HP report. 88% of malware was delivered by email into users’ inboxes, in many cases…

Layered security becomes critical as malware attacks rise

Despite an 8% decrease in overall malware detections in Q2 2020, 70% of all attacks involved zero day malware (variants that circumvent antivirus signatures), which represents a 12% increase over the previous quarter, WatchGuard found. Malware de…

Google offers high-risk Chrome users additional scanning of risky files

Google is providing a new “risky files” scanning feature to Chrome users enrolled in its Advanced Protection Program (APP). About the Advanced Protection Program: Google introduced the Advanced Protection Program in 2017. It’s primaril…