DATE | NAME | INFO | CATEGORY | SOURCE |
31.3.24 | Threat Brief: Vulnerability in XZ Utils Data Compression Library Impacting Multiple Linux Distributions (CVE-2024-3094) | On March 28, 2024, Red Hat Linux announced CVE-2024-3094 with a critical CVSS score of 10. | Vulnerability blog | Palo Alto |
31.3.24 | Exposing a New BOLA Vulnerability in Grafana | Unit 42 researchers have discovered a new Broken Object Level Authorization (BOLA) vulnerability that impacts Grafana versions from 9.5.0 before 9.5.18, from 10.0.0 before 10.0.13, from 10.1.0 before 10.1.9, from 10.2.0 before 10.2.6, from 10.3.0 before 10.3.5. | Vulnerability blog | Palo Alto |
31.3.24 | RDP remains a security concern – Week in security with Tony Anscombe | Much has been written about the risks that poorly-secured RDP connections entail, but many organizations continue to leave themselves at risk and get hit by data breaches as a result | Security blog | Eset |
31.3.24 | Cybercriminals play dirty: A look back at 10 cyber hits on the sporting world | This rundown of 10 cyberattacks against the sports industry shows why every team needs to keep its eyes on the ball when it comes to cybersecurity | Cyber blog | Eset |
31.3.24 | Borrower beware: Common loan scams and how to avoid them | Personal loan scams prey on your financial vulnerability and might even trap you in a vicious circle of debt. | Spam blog | Eset |
31.3.24 | Cybersecurity starts at home: Help your children stay safe online with open conversations | Struggle to know how to help children and teens stay safe in cyberspace? A good ol’ fashioned chat is enough to put them on the right track. | Cyber blog | Eset |
23.3.24 | Large-Scale StrelaStealer Campaign in Early 2024 | StrelaStealer malware steals email login data from well-known email clients and sends them back to the attacker’s C2 server. | Malware blog | Palo Alto |
23.3.24 | Curious Serpens’ FalseFont Backdoor: Technical Analysis, Detection and Prevention | This article reviews the recently discovered FalseFont backdoor, which was used by a suspected Iranian-affiliated threat actor that Unit 42 tracks as Curious Serpens. | Malware blog | Palo Alto |
23.3.24 | Unit 42 Collaborative Research With Ukraine’s Cyber Agency To Uncover the Smoke Loader Backdoor | This article announces the publication of our first collaborative effort with the State Cyber Protection Centre of the State Service of Special Communications and Information Protection of Ukraine (SCPC SSSCIP). | Malware blog | Palo Alto |
23.3.24 | ETHEREUM’S CREATE2: A DOUBLE-EDGED SWORD IN BLOCKCHAIN SECURITY | Ethereum’s CREATE2 function is being exploited by attackers to compromise the security of digital wallets, bypassing traditional security measures and facilitating unauthorized access to funds. | Cryptocurrency blog | Checkpoint |
23.3.24 | New details on TinyTurla’s post-compromise activity reveal full kill chain | We now have new information on the entire kill chain this actor uses, including the tactics, techniques and procedures (TTPs) utilized to steal valuable information from their victims and propagate through their infected enterprises. | APT blog | Cisco Blog |
23.3.24 | Netgear wireless router open to code execution after buffer overflow vulnerability | There is also a newly disclosed vulnerability in a graphics driver for some NVIDIA GPUs that could lead to a memory leak. | Vulnerability blog | Cisco Blog |
23.3.24 | The LockBit story: Why the ransomware affiliate model can turn takedowns into disruptions | Talos explores the recent law enforcement takedown of LockBit, a prolific ransomware group that claimed to resume their operations 7 days later. | Ransom blog | Cisco Blog |
23.3.24 | Threat actors leverage document publishing sites for ongoing credential and session token theft | Talos IR has responded to several recent incidents in which threat actors used legitimate digital document publishing sites such as Publuu and Marq to host phishing documents as part of ongoing credential and session harvesting attacks. | Incident blog | Cisco Blog |
23.3.24 | “Pig butchering” is an evolution of a social engineering tactic we’ve seen for years | In the case of pig butchering scams, it’s not really anything that can be solved by a cybersecurity solution or sold in a package. | Cyber blog | Cisco Blog |
23.3.24 | Dissecting a complex vulnerability and achieving arbitrary code execution in Ichitaro Word | Research conducted by Cisco Talos last year uncovered multiple vulnerabilities rated as low severity despite their ability to allow for full arbitrary code execution. | Vulnerability blog | Cisco Blog |
23.3.24 | Not everything has to be a massive, global cyber attack | There are a few reasons why we’re so ready to jump to the “it’s a cyber attack!” | Attack blog | Cisco Blog |
23.3.24 | Another Patch Tuesday with no zero-days, only two critical vulnerabilities disclosed by Microsoft | March’s Patch Tuesday is relatively light, containing 60 vulnerabilities — only two labeled “critical.” | Vulnerability blog | Cisco Blog |
23.3.24 | You’re going to start seeing more tax-related spam, but remember, that doesn’t actually mean there’s more spam | It’s important to be vigilant about tax-related scams any time these deadlines roll around, regardless of what country you’re in, but it’s not like you need to be particularly more skeptical in March and April. | Spam blog | Cisco Blog |
23.3.24 | AceCryptor attacks surge in Europe – Week in security with Tony Anscombe | The second half of 2023 saw massive growth in AceCryptor-packed malware spreading in the wild, including courtesy of multiple spam campaigns where AceCryptor packed the Rescoms RAT | Malware blog | Eset |
23.3.24 | Rescoms rides waves of AceCryptor spam | Insight into ESET telemetry statistics about AceCryptor in H2 2023 with a focus on Rescoms campaigns in European countries | Malware blog | Eset |
23.3.24 | A prescription for privacy protection: Exercise caution when using a mobile health app | Given the unhealthy data-collection habits of some mHealth apps, you’re well advised to tread carefully when choosing with whom you share some of your most sensitive data | Malware blog | Eset |
17.3.24 | Inside the Rabbit Hole: BunnyLoader 3.0 Unveiled | This article will focus on the newly released BunnyLoader 3.0, as well as historically observed BunnyLoader infrastructure and an overview of its capabilities. | Malware blog | Palo Alto |
17.3.24 | Healthcare still a prime target for cybercrime gangs – Week in security with Tony Anscombe | Healthcare organizations remain firmly in attackers' crosshairs, representing 20 percent of all victims of ransomware attacks among critical infrastructure entities in | Ransom blog | Eset |
17.3.24 | Threat intelligence explained | Unlocked 403: A cybersecurity podcast | We break down the fundamentals of threat intelligence and its role in anticipating and countering emerging threats | Cyber blog | Eset |
17.3.24 | How to share sensitive files securely online | Here are a few tips for secure file transfers and what else to consider when sharing sensitive documents so that your data remains safe | Security blog | Eset |
17.3.24 | Election cybersecurity: Protecting the ballot box and building trust in election integrity | What cyberthreats could wreak havoc on elections this year and how worried should we as voters be about the integrity of our voting systems? | Cyber blog | Eset |
9.3.24 | Threat Group Assessment: Muddled Libra (Updated) | Muddled Libra stands at the intersection of devious social engineering and nimble technology adaptation. With an intimate knowledge of enterprise information technology, this threat group presents a significant risk even to organizations with well-developed legacy cyber defenses. | APT blog | Palo Alto |
9.3.24 | MAGNET GOBLIN TARGETS PUBLICLY FACING SERVERS USING 1-DAY VULNERABILITIES | Magnet Goblin is a financially motivated threat actor that quickly adopts and leverages 1-day vulnerabilities in public-facing services as an initial infection vector. | Vulnerability blog | Checkpoint |
9.3.24 | GhostSec’s joint ransomware operation and evolution of their arsenal | Cisco Talos observed a surge in the malicious activities of GhostSec, a hacking group, since this past year. | Ransom blog | Cisco Blog |
9.3.24 | The 3 most common post-compromise tactics on network infrastructure | We discuss three of the most common post-compromise tactics that Talos has observed in our threat telemetry and Cisco Talos Incident Response (Talos IR) engagements. | Cyber blog | Cisco Blog |
9.3.24 | Heather Couk is here to keep your spirits up during a cyber emergency, even if it takes the “Rocky” music | The bulk of her career was with a manufacturing company working as a security and email administrator, but she uses her criminal justice degree daily now with Talos IR helping to track down bad actors or helping customers understand adversaries’ motivation and tactics. | Cyber blog | Cisco Blog |
9.3.24 | APT attacks taking aim at Tibetans – Week in security with Tony Anscombe | Evasive Panda has been spotted targeting Tibetans in several countries and territories with payloads that included a previously undocumented backdoor ESET has named Nightdoor | APT blog | Eset |
9.3.24 | Evasive Panda leverages Monlam Festival to target Tibetans | ESET researchers uncover strategic web compromise and supply-chain attacks targeting Tibetans | APT blog | Eset |
9.3.24 | Top 10 scams targeting seniors – and how to keep your money safe | The internet can be a wonderful place. But it’s also awash with fraudsters preying on people who are susceptible to fraud. | Spam blog | Eset |
9.3.24 | Irresistible: Hooks, habits and why you can’t put down your phone | Struggle to part ways with your tech? You’re not alone. Here’s why your devices are your vices. | Security blog | Eset |
3.3.24 | Wireshark Tutorial: Exporting Objects From a Pcap | Palo Alto Networks customers are better protected from the malware samples in this tutorial through Cortex XDR and XSIAM. | Security blog | Palo Alto |
3.3.24 | The Art of Domain Deception: Bifrost's New Tactic to Deceive Users | First identified in 2004, Bifrost is a remote access Trojan (RAT) that allows an attacker to gather sensitive information, like hostname and IP address. | Malware blog | Palo Alto |
3.3.24 | Navigating the Cloud: Exploring Lateral Movement Techniques | We explore cloud lateral movement techniques in all three major cloud providers: Amazon Web Services (AWS), Google Cloud Platform (GCP) and Microsoft Azure, highlighting their differences compared to similar techniques in on-premises environments. | Hacking blog | Palo Alto |
3.3.24 | TimbreStealer campaign targets Mexican users with financial lures | Talos has observed a phishing spam campaign targeting potential victims in Mexico, luring users to download a new obfuscated information stealer we’re calling TimbreStealer, which has been active since at least November 2023. | Malware blog | Cisco Blog |
3.3.24 | Deceptive AI content and 2024 elections – Week in security with Tony Anscombe | As the specter of AI-generated disinformation looms large, tech giants vow to crack down on fabricated content that could sway voters and disrupt elections taking place around the world this year | AI blog | Eset |
3.3.24 | Blue Team toolkit: 6 open-source tools to assess and enhance corporate defenses | Here’s how the blue team wards off red teamers and a few open-source tools it may leverage to identify chinks in the corporate armor | Security blog | Eset |
3.3.24 | Vulnerabilities in business VPNs under the spotlight | As adversaries increasingly set their sights on vulnerable enterprise VPN software to infiltrate corporate networks, concerns mount about VPNs themselves being a source of cyber risk | Vulnerability blog | Eset |
3.3.24 | 10 things to avoid posting on social media – and why | Do you often take to social media to broadcast details from your life? Here’s why this habit may put your privacy and security at risk. | Social blog | Eset |