DATE |
NAME |
CATEGORY |
WEB |
30.12.23 |
From DarkGate to AsyncRAT: Malware Detected and Shared As Unit 42 Timely
Threat Intelligence |
Malware blog |
Palo Alto |
30.12.23 |
Dual Privilege Escalation Chain: Exploiting Monitoring and Service Mesh
Configurations and Privileges in GKE to Gain Unauthorized Access in
Kubernetes |
Exploit blog |
Palo Alto |
30.12.23 |
A year in review: 10 of the biggest security incidents of 2023 |
Incident blog |
Eset |
30.12.23 |
Got a new device? 7 things to do before disposing of your old tech |
Security blog |
Eset |
25.12.23 |
Why Is an Australian Footballer Collecting My Passwords? The Various
Ways Malicious JavaScript Can Steal Your Secrets |
Malware blog |
Palo Alto |
25.12.23 |
THE RISING THREAT OF PHISHING ATTACKS WITH CRYPTO DRAINERS |
Phishing blog |
Checkpoint |
25.12.23 |
Intellexa and Cytrox: From fixer-upper to Intel Agency-grade spyware |
Malware blog |
Cisco Blog |
25.12.23 |
Operation Blacksmith: Lazarus targets organizations worldwide using
novel Telegram-based malware written in DLang |
BigBrother blog |
Cisco Blog |
25.12.23 |
Key findings from ESET Threat Report H2 2023 – Week in security with
Tony Anscombe |
Cyber blog |
Eset |
25.12.23 |
Safeguard the joy: 10 tips for securing your shiny new device |
Safety blog |
Eset |
25.12.23 |
These aren’t the Androids you should be looking for |
OS Blog |
Eset |
25.12.23 |
ESET Threat Report H2 2023 |
Cyber blog |
Eset |
25.12.23 |
ESET Research Podcast: Neanderthals, Mammoths and Telekopye |
Cyber blog |
Eset |
16.12.23 |
RHADAMANTHYS V0.5.0 – A DEEP DIVE INTO THE STEALER’S COMPONENTS |
Ransom blog |
Checkpoint |
16.12.23 |
Toward Ending the Domain Wars: Early Detection of Malicious Stockpiled
Domains |
Malware blog |
Palo Alto |
16.12.23 |
New iOS feature to thwart eavesdropping – Week in security with Tony
Anscombe |
OS Blog |
Eset |
16.12.23 |
OilRig’s persistent attacks using cloud service-powered downloaders |
APT blog |
Eset |
16.12.23 |
Delivering trust with DNS security |
Security blog |
Eset |
16.12.23 |
A pernicious potpourri of Python packages in PyPI |
Cyber blog |
Eset |
16.12.23 |
Black Hat Europe 2023: Should we regulate AI? |
Cyber blog |
Eset |
16.12.23 |
Silent but deadly: The rise of zero-click attacks |
Attack blog |
Eset |
10.12.23 |
CRYPTO DECEPTION UNVEILED: CHECK POINT RESEARCH REPORTS MANIPULATION OF
POOL LIQUIDITY SKYROCKETS TOKEN PRICE BY 22,000%. |
Cryptocurrency blog |
Checkpoint |
10.12.23 |
THE OBVIOUS, THE NORMAL, AND THE ADVANCED: A COMPREHENSIVE ANALYSIS OF
OUTLOOK ATTACK VECTORS |
Attack blog |
Checkpoint |
10.12.23 |
Fighting Ursa Aka APT28: Illuminating a Covert Campaign |
APT blog |
Palo Alto |
10.12.23 |
New Tool Set Found Used Against Organizations in the Middle East, Africa
and the US |
BigBrother blog |
Palo Alto |
10.12.23 |
Exploring a Critical Risk in Google Workspace's Domain-Wide Delegation
Feature |
Exploit blog |
Palo Alto |
10.12.23 |
The malware, attacker trends and more that shaped the threat landscape
in 2023 |
Malware blog |
Cisco Blog |
10.12.23 |
Project PowerUp – Helping to keep the lights on in Ukraine in the face
of electronic warfare |
BigBrother blog |
Cisco Blog |
10.12.23 |
Surge in deceptive loan apps – Week in security with Tony Anscombe |
Cyber blog |
Eset |
10.12.23 |
Black Hat Europe 2023: The past could return to haunt you |
Cyber blog |
Eset |
10.12.23 |
To tap or not to tap: Are NFC payments safer? |
Safety blog |
Eset |
10.12.23 |
Navigating privacy: Should we put the brakes on car tracking? |
Security blog |
Eset |
10.12.23 |
Beware of predatory fin(tech): Loan sharks use Android apps to reach new
depths |
OS Blog |
Eset |
2.12.23 |
New Tool Set Found Used Against Organizations in the Middle East, Africa
and the US |
BigBrother blog |
Palo Alto |
2.12.23 |
Exploring a Critical Risk in Google Workspace's Domain-Wide Delegation
Feature |
Security blog |
Palo Alto |
2.12.23 |
New SugarGh0st RAT targets Uzbekistan government and South Korea |
Malware blog |
Cisco Blog |
2.12.23 |
What is threat hunting? |
Security blog |
Cisco Blog |
2.12.23 |
Vulnerabilities in Adobe Acrobat, Microsoft Excel could lead to
arbitrary code execution |
Vulnerability blog |
Cisco Blog |
2.12.23 |
Teaching appropriate use of AI tech – Week in security with Tony
Anscombe |
Cyber blog |
Eset |
2.12.23 |
Executives behaving badly: 5 ways to manage the executive cyberthreat |
Cyber blog |
Eset |
2.12.23 |
Very precisely lost – GPS jamming |
Hacking blog |
Eset |
2.12.23 |
Retail at risk: Top threats facing retailers this holiday season |
Security blog |
Eset |
2.12.23 |
‘Tis the season to be wary: 12 steps to ruin a cybercriminal's day |
Cyber blog |
Eset |
26.11.23 |
Hacking Employers and Seeking Employment: Two Job-Related Campaigns Bear
Hallmarks of North Korean Threat Actors |
APT blog |
Palo Alto |
26.11.23 |
THE PLATFORM MATTERS: A COMPARATIVE STUDY ON LINUX AND WINDOWS
RANSOMWARE ATTACKS |
Ransom blog |
Checkpoint |
26.11.23 |
ISRAEL-HAMAS WAR SPOTLIGHT: SHAKING THE RUST OFF SYSJOKER |
BigBrother blog |
Checkpoint |
26.11.23 |
Telekopye's tricks of the trade – Week in security with Tony Anscombe |
BigBrother blog |
Eset |
26.11.23 |
Telekopye: Chamber of Neanderthals’ secrets |
BigBrother blog |
Eset |
26.11.23 |
Your voice is my password |
Safety blog |
Eset |
26.11.23 |
Fuel for thought: Can a driverless car get arrested? |
Cyber blog |
Eset |
18.11.23 |
Stately Taurus Targets the Philippines As Tensions Flare in the South
Pacific |
APT blog |
Palo Alto |
18.11.23 |
MALWARE SPOTLIGHT – INTO THE TRASH: ANALYZING LITTERDRIFTER |
Malware blog |
Checkpoint |
18.11.23 |
A deep dive into Phobos ransomware, recently deployed by 8Base group |
Malware blog |
Cisco Blog |
18.11.23 |
Understanding the Phobos affiliate structure and activity |
Malware blog |
Cisco Blog |
18.11.23 |
7 common mistakes companies make when creating an incident response plan
and how to avoid them |
Incident blog |
Cisco Blog |
18.11.23 |
Attackers use JavaScript URLs, API forms and more to scam users in
popular online game “Roblox” |
Spam blog |
Cisco Blog |
18.11.23 |
We all just need to agree that ad blockers are good |
Security blog |
Cisco Blog |
18.11.23 |
Microsoft discloses only three critical vulnerabilities in November’s
Patch Tuesday update, three other zero-days |
OS Blog |
Cisco Blog |
18.11.23 |
A new video series, Google Forms spam and the various gray areas of
cyber attacks |
Spam blog |
Cisco Blog |
18.11.23 |
Threat Roundup for November 3 to November 10 |
Cyber blog |
Cisco Blog |
18.11.23 |
Spammers abuse Google Forms’ quiz to deliver scams |
Spam blog |
Cisco Blog |
18.11.23 |
What is NIS2, and how can you best prepare for the new cybersecurity
requirements in the EU? |
Safety blog |
Cisco Blog |
18.11.23 |
Threat Roundup for October 27 to November 3 |
Cyber blog |
Cisco Blog |
18.11.23 |
You’d be surprised to know what devices are still using Windows CE |
OS Blog |
Cisco Blog |
18.11.23 |
Safeguarding ports from the rising tide of cyberthreats – Week in
security with Tony Anscombe |
Safety blog |
Eset |
18.11.23 |
Is your LinkedIn profile revealing too much? |
Social blog |
Eset |
15.11.23 |
In-Depth Analysis of July 2023 Exploit Chain Featuring CVE-2023-36884
and CVE-2023-36584 |
Exploit blog |
Palo Alto |
15.11.23 |
High Traffic + High Vulnerability = an Attractive Target for Criminals:
The Dangers of Viewing Clickbait Sites |
Vulnerability blog |
Palo Alto |
15.11.23 |
Chinese APT Targeting Cambodian Government |
APT blog |
Palo Alto |
15.11.23 |
Agonizing Serpens (Aka Agrius) Targeting the Israeli Higher Education
and Tech Sectors |
BigBrother blog |
Palo Alto |
15.11.23 |
GPT VS MALWARE ANALYSIS: CHALLENGES AND MITIGATIONS |
Malware blog |
Checkpoint |
15.11.23 |
ABUSING MICROSOFT ACCESS “LINKED TABLE” FEATURE TO PERFORM NTLM FORCED
AUTHENTICATION ATTACKS |
Attack blog |
Checkpoint |
15.11.23 |
Level up! These games will make learning about cybersecurity fun |
Cyber blog |
Eset |
15.11.23 |
Capture The Flag: 5 websites to sharpen your hacking skills |
Hacking blog |
Eset |
15.11.23 |
Spyware disguised as a news app – Week in security with Tony Anscombe |
Malware blog |
Eset |
15.11.23 |
Cyber threat intelligence: Getting on the front foot against adversaries |
Cyber blog |
Eset |
15.11.23 |
Unlucky Kamran: Android malware spying on Urdu-speaking residents of
Gilgit-Baltistan |
OS Blog |
Eset |
15.11.23 |
Navigating the security and privacy challenges of large language models |
Security blog |
Eset |
4.11.23 |
Threat Brief: Citrix Bleed CVE-2023-4966 |
Vulnerability blog |
Palo Alto |
4.11.23 |
Conducting Robust Learning for Empire Command and Control Detection |
Safety blog |
Palo Alto |
4.11.23 |
Over the Kazuar’s Nest: Cracking Down on a Freshly Hatched Backdoor Used
by Pensive Ursa (Aka Turla) |
Malware blog |
Palo Alto |
4.11.23 |
CloudKeys in the Air: Tracking Malicious Operations of Exposed IAM Keys |
Malware blog |
Palo Alto |
4.11.23 |
BlackCat Climbs the Summit With a New Tactic |
Ransom blog |
Palo Alto |
4.11.23 |
FROM ALBANIA TO THE MIDDLE EAST: THE SCARRED MANTICORE IS LISTENING |
BigBrother blog |
Checkpoint |
4.11.23 |
Arid Viper disguising mobile spyware as updates for non-malicious
Android applications |
OS Blog |
Cisco Blog |
4.11.23 |
Attackers use JavaScript URLs, API forms and more to scam users in
popular online game “Roblox” |
Spam blog |
Cisco Blog |
4.11.23 |
Kazakhstan-associated YoroTrooper disguises origin of attacks as
Azerbaijan |
BigBrother blog |
Cisco Blog |
4.11.23 |
The mysterious demise of the Mozi botnet – Week in security with Tony
Anscombe |
BotNet blog |
Eset |
4.11.23 |
Who killed Mozi? Finally putting the IoT zombie botnet in its grave |
BotNet blog |
Eset |
4.11.23 |
Closing the gender gap: 7 ways to attract more women into cybersecurity |
Cyber blog |
Eset |
4.11.23 |
20 scary cybersecurity facts and figures for a haunting Halloween |
Security blog |
Eset |
4.11.23 |
Roundcube Webmail servers under attack – Week in security with Tony
Anscombe |
Attack blog |
Eset |
4.11.23 |
ESET APT Activity Report Q2–Q3 2023 |
APT blog |
Eset |
4.11.23 |
Winter Vivern exploits zero-day vulnerability in Roundcube Webmail
servers |
Exploit blog |
Eset |
4.11.23 |
One login to rule them all: Should you sign in with Google or Facebook
on other websites? |
Social blog |
Eset |
22.10.23 |
Threat Brief: Cisco IOS XE Web UI Privilege Escalation Vulnerability
(Updated) |
Vulnerability blog |
Palo Alto |
22.10.23 |
BlackCat Climbs the Summit With a New Tactic |
Ransom blog |
Palo Alto |
22.10.23 |
R2R STOMPING – ARE YOU READY TO RUN? |
Cyber blog |
Checkpoint |
22.10.23 |
Active exploitation of Cisco IOS XE Software Web Management User
Interface vulnerabilities |
Exploit blog |
Cisco Blog |
22.10.23 |
What is Cracktivator software? |
Security blog |
Cisco Blog |
22.10.23 |
Why logging is one of the most overlooked aspects of incident response,
and how Cisco Talos IR can help |
Security blog |
Cisco Blog |
22.10.23 |
Spearphishing targets in Latin America – Week in security with Tony
Anscombe |
Safety blog |
Eset |
22.10.23 |
Strengthening the weakest link: top 3 security awareness topics for your
employees |
Security blog |
Eset |
22.10.23 |
Better safe than sorry: 10 tips to build an effective business backup
strategy |
Security blog |
Eset |
22.10.23 |
Operation King TUT: The universe of threats in LATAM |
Cyber blog |
Eset |
15.10.23 |
Understanding DNS Tunneling Traffic in the Wild |
Security blog |
Palo Alto |
15.10.23 |
Wireshark Tutorial: Identifying Hosts and Users |
Security blog |
Palo Alto |
15.10.23 |
STAYIN’ ALIVE – TARGETED ATTACKS AGAINST TELECOMS AND GOVERNMENT
MINISTRIES IN ASIA |
BigBrother blog |
Checkpoint |
15.10.23 |
R2R STOMPING – ARE YOU READY TO RUN? |
Cyber blog |
Checkpoint |
15.10.23 |
What to know about the HTTP/2 Rapid Reset DDoS attacks |
Attack blog |
Cisco Blog |
15.10.23 |
10 zero-day vulnerabilities in industrial cell router could lead to code
execution, buffer overflows |
Vulnerability blog |
Cisco Blog |
15.10.23 |
Microsoft patches 12 critical vulnerabilities, nine of which are in
Layer 2 Tunneling Protocol |
Vulnerability blog |
Cisco Blog |
15.10.23 |
Staying on top of security updates – Week in security with Tony Anscombe |
Cyber blog |
Eset |
15.10.23 |
Virus Bulletin – building digital armies |
Cyber blog |
Eset |
15.10.23 |
6 steps to getting the board on board with your cybersecurity program |
Cyber blog |
Eset |
15.10.23 |
Virus Bulletin PUA – a love letter |
Cyber blog |
Eset |
15.10.23 |
Your family, home and small business need a cyber-resilience strategy,
too! |
Cyber blog |
Eset |
8.10.23 |
Leveraging a Hooking Framework to Expand Malware Detection Coverage on
the Android Platform |
OS Blog |
Palo Alto |
8.10.23 |
Threat Brief - MOVEit Transfer SQL Injection Vulnerabilities:
CVE-2023-34362, CVE-2023-35036 and CVE-2023-35708 (Updated Oct 4) |
Vulnerability blog |
Palo Alto |
8.10.23 |
Qakbot-affiliated actors distribute Ransom Knight malware despite
infrastructure takedown |
Malware blog |
Cisco Blog |
8.10.23 |
What is the dark web? |
Security blog |
Cisco Blog |
8.10.23 |
10 new vulnerabilities disclosed by Talos, including use-after-free
issue in Google Chrome |
Vulnerability blog |
Cisco Blog |
8.10.23 |
ICS protocol coverage using Snort 3 service inspectors |
ICS blog |
Cisco Blog |
8.10.23 |
Is it bad to have a major security incident on your résumé? (Seriously I
don’t know) |
Incident blog |
Cisco Blog |
8.10.23 |
Threat Roundup for September 22 to September 29 |
Security blog |
Cisco Blog |
8.10.23 |
The security pitfalls of social media sites offering ID-based
authentication |
Social blog |
Cisco Blog |
8.10.23 |
What’s the point of press releases from threat actors? |
Security blog |
Cisco Blog |
8.10.23 |
DinodasRAT used against governmental entity in Guayana – Week in
security with Tony Anscombe |
Malware blog |
Eset |
8.10.23 |
Fake friends and followers on social media – and how to spot them |
Social blog |
Eset |
8.10.23 |
Operation Jacana: Foundling hobbits in Guyana |
BigBrother blog |
Eset |
8.10.23 |
Playing your part in building a safer digital world: Why cybersecurity
matters |
Cyber blog |
Eset |
8.10.23 |
How Lazarus impersonated Meta to attack a target in Spain – Week in
security with Tony Anscombe |
APT blog |
Eset |
8.10.23 |
Lazarus luring employees with trojanized coding challenges: The case of
a Spanish aerospace company |
APT blog |
Eset |
8.10.23 |
5 of the top programming languages for cybersecurity |
Cyber blog |
Eset |
8.10.23 |
Can open-source software be secure? |
Security blog |
Eset |
24.9.23 |
Rare Backdoors Suspected to be Tied to Gelsemium APT Found in Targeted
Attack in Southeast Asian Government |
Malware blog |
Palo Alto |
24.9.23 |
Cyberespionage Attacks Against Southeast Asian Government Linked to
Stately Taurus, Aka Mustang Panda |
BigBrother blog |
Palo Alto |
24.9.23 |
Persistent Attempts at Cyberespionage Against Southeast Asian
Government Target Have Links to Alloy Taurus |
BigBrother blog |
Palo Alto |
24.9.23 |
Fake CVE-2023-40477 Proof of Concept Leads to VenomRAT |
Malware blog |
Palo Alto |
24.9.23 |
BEHIND THE SCENES OF BBTOK: ANALYZING A BANKER’S SERVER SIDE COMPONENTS |
Malware blog |
Checkpoint |
24.9.23 |
UNVEILING THE SHADOWS: THE DARK ALLIANCE BETWEEN GULOADER AND REMCOS |
Malware blog |
Checkpoint |
24.9.23 |
New ShroudedSnooper actor targets telecommunications firms in the Middle
East with novel Implants |
Malware blog |
Cisco Blog |
24.9.23 |
What’s the point of press releases from threat actors? |
Cyber blog |
Cisco Blog |
24.9.23 |
ESET's cutting-edge threat research at LABScon – Week in security with
Tony Anscombe |
Cyber blog |
Eset |
24.9.23 |
Stealth Falcon preying over Middle Eastern skies with Deadglyph |
Malware blog |
Eset |
24.9.23 |
OilRig’s Outer Space and Juicy Mix: Same ol’ rig, new drill pipes |
Malware blog |
Eset |
16.9.23 |
Threat Group Assessment: Turla (aka Pensive Ursa) |
Ransom blog |
Palo Alto |
16.9.23 |
Unit 42 Attack Surface Threat Research: Constant Change in Cloud
Contributes to 45% of New High/Critical Exposures Per Month |
Cyber blog |
Palo Alto |
16.9.23 |
RedLine Stealer: Answers to Unit Wireshark Quiz |
Malware blog |
Palo Alto |
16.9.23 |
Crossing the Line: Unit 42 Wireshark Quiz for RedLine Stealer |
Malware blog |
Palo Alto |
16.9.23 |
GUARDING AGAINST THE UNSEEN: INVESTIGATING A STEALTHY REMCOS MALWARE
ATTACK ON COLOMBIAN FIRMS |
Malware blog |
Checkpoint |
16.9.23 |
ELECTIONS SPOTLIGHT: GENERATIVE AI AND DEEP FAKES |
Security blog |
Checkpoint |
16.9.23 |
From Hidden Bee to Rhadamanthys – The Evolution of Custom Executable
Formats |
Ransom blog |
Checkpoint |
16.9.23 |
How Cisco Talos IR helped a healthcare company quickly resolve a Qakbot
attack |
Attack blog |
Cisco Blog |
16.9.23 |
Microsoft Patch Tuesday for September 2023 — Unusually low 5 critical
vulnerabilities included in Microsoft Patch Tuesday, along with two
zero-days |
OS Blog |
Cisco Blog |
16.9.23 |
You can try to hide your firmware from Kelly Patterson, but she’ll find
it (and break it) |
Cyber blog |
Cisco Blog |
16.9.23 |
Cybercriminals target graphic designers with GPU miners |
Cyber blog |
Cisco Blog |
16.9.23 |
Turns out even the NFL is worried about deepfakes |
Security blog |
Cisco Blog |
16.9.23 |
A secondhand account of the worst possible timing for a scammer to
strike |
Spam blog |
Cisco Blog |
16.9.23 |
Eight vulnerabilities in Open Automation Software Platform could lead to
information disclosure, improper authentication |
Vulnerability blog |
Cisco Blog |
16.9.23 |
New open-source infostealer, and reflections on 2023 so far |
Malware blog |
Cisco Blog |
16.9.23 |
SapphireStealer: Open-source information stealer enables credential and
data theft |
Malware blog |
Cisco Blog |
16.9.23 |
What's in a name? Strange behaviors at top-level domains creates
uncertainty in DNS |
Security blog |
Cisco Blog |
16.9.23 |
Years into these games’ histories, attackers are still creating
“Fortnite” and “Roblox”-related scams |
Hacking blog |
Cisco Blog |
16.9.23 |
Lazarus Group's infrastructure reuse leads to discovery of new malware |
Malware blog |
Cisco Blog |
16.9.23 |
Lazarus Group exploits ManageEngine vulnerability to deploy QuiteRAT |
Malware blog |
Cisco Blog |
16.9.23 |
Three vulnerabilities in NVIDIA graphics driver could cause memory
corruption |
Vulnerability blog |
Cisco Blog |
16.9.23 |
Generating FLIRT signatures for Nim and other non-C programming
languages |
Security blog |
Cisco Blog |
16.9.23 |
Recapping the top stories from Black Hat and DEF CON |
Cyber blog |
Cisco Blog |
16.9.23 |
The rise of AI-powered criminals: Identifying threats and opportunities |
Cyber blog |
Cisco Blog |
16.9.23 |
Reflecting on supply chain attacks halfway through 2023 |
Attack blog |
Cisco Blog |
16.9.23 |
Out-of-bounds write vulnerabilities in popular chemistry software; Foxit
PDF Reader issues could lead to remote code execution |
Vulnerability blog |
Cisco Blog |
16.9.23 |
Ballistic Bobcat's Sponsor backdoor – Week in security with Tony
Anscombe |
Malware blog |
Eset |
16.9.23 |
Read it right! How to spot scams on Reddit |
Spam blog |
Eset |
16.9.23 |
ESET Research Podcast: Sextortion, digital usury and SQL brute-force |
Hacking blog |
Eset |
16.9.23 |
Sponsor with batch-filed whiskers: Ballistic Bobcat’s scan and strike
backdoor |
Malware blog |
Eset |
16.9.23 |
Will you give X your biometric data? – Week in security with Tony
Anscombe |
Cyber blog |
Eset |
16.9.23 |
Staying ahead of threats: 5 cybercrime trends to watch |
Cyber blog |
Eset |
16.9.23 |
Getting off the hook: 10 steps to take after clicking on a phishing link |
Phishing blog |
Eset |
16.9.23 |
Fake Signal and Telegram apps – Week in security with Tony Anscombe |
Social blog |
Eset |
16.9.23 |
What you need to know about iCloud Private Relay |
OS Blog |
Eset |
16.9.23 |
BadBazaar espionage tool targets Android users via trojanized Signal and
Telegram apps |
OS Blog |
Eset |
29.8.23 |
Why LaZagne Makes D-Bus API Vigilance Crucial |
Cyber blog |
Palo Alto |
29.8.23 |
Crossing the Line: Unit 42 Wireshark Quiz for RedLine Stealer |
Malware blog |
Palo Alto |
29.8.23 |
28TH AUGUST – THREAT INTELLIGENCE REPORT |
Cyber blog |
Checkpoint |
29.8.23 |
TUNNEL WARFARE: EXPOSING DNS TUNNELING CAMPAIGNS USING GENERATIVE MODELS
– COINLOADER CASE STUDY |
Cyber blog |
Checkpoint |
29.8.23 |
2023 Mid-Year Cyber Security Report: Report Reveals 48 Ransomware
Groups Have Breached Over 2,200 Victims |
Ransom blog |
Checkpoint |
29.8.23 |
The Rhysida Ransomware: Activity Analysis and Ties to Vice Society |
Ransom blog |
Checkpoint |
29.8.23 |
What is commercial spyware? |
Malware blog |
Cisco Blog |
29.8.23 |
What Cisco Talos knows about the Rhysida ransomware |
Ransom blog |
Cisco Blog |
29.8.23 |
Six critical vulnerabilities included in August’s Microsoft security
update |
Vulnerability blog |
Cisco Blog |
29.8.23 |
Code leaks are causing an influx of new ransomware actors |
Ransom blog |
Cisco Blog |
29.8.23 |
New threat actor targets Bulgaria, China, Vietnam and other countries
with customized Yashma ransomware |
BigBrother blog |
Cisco Blog |
29.8.23 |
Previewing Talos at BlackHat 2023 |
Cyber blog |
Cisco Blog |
28.8.23 |
Recovering from a supply-chain attack: What are the lessons to learn
from the 3CX hack? |
Attack blog |
Eset |
28.8.23 |
How a Telegram bot helps scammers target victims – Week in security with
Tony Anscombe |
Social blog |
Eset |
28.8.23 |
Telekopye: Hunting Mammoths using Telegram bot |
BotNet blog |
Eset |
28.8.23 |
Scarabs colon-izing vulnerable servers |
Vulnerability blog |
Eset |
28.8.23 |
A Bard’s Tale – how fake AI bots try to install malware |
Malware blog |
Eset |
28.8.23 |
Cyber blog |
Cyber blog |
Eset |
28.8.23 |
DEF CON 31: US DoD urges hackers to go and hack ‘AI’ |
Cyber blog |
Eset |
28.8.23 |
Mass-spreading campaign targeting Zimbra users |
Cyber blog |
Eset |
28.8.23 |
DEF CON 31: Robot vacuums may be doing more than they claim |
Cyber blog |
Eset |
28.8.23 |
Black Hat 2023: Hacking the police (at least their radios) |
Cyber blog |
Eset |
28.8.23 |
Black Hat 2023: How AI changes the monetization of search |
Cyber blog |
Eset |
28.8.23 |
Black Hat 2023: AI gets big defender prize money |
Cyber blog |
Eset |
28.8.23 |
Black Hat 2023: ‘Teenage’ AI not enough for cyberthreat intelligence |
Cyber blog |
Eset |
28.8.23 |
20k security folks in the desert – Week in security with Tony Anscombe |
Cyber blog |
Eset |
28.8.23 |
Black Hat 2023: Cyberwar fire-and-forget-me-not |
Cyber blog |
Eset |
28.8.23 |
MoustachedBouncer: Espionage against foreign diplomats in Belarus |
BigBrother blog |
Eset |
28.8.23 |
Time is money, and online game scammers have lots of it |
Phishing blog |
Eset |
6.8.23 |
NodeStealer 2.0 – The Python Version: Stealing Facebook Business
Accounts |
Malware blog |
Palo Alto |
6.8.23 |
Ransomware Delivery URLs: Top Campaigns and Trends |
Ransom blog |
Palo Alto |
6.8.23 |
Half-Year in Review: Recapping the top threats and security trends so
far in 2023 |
Security blog |
Cisco Blog |
6.8.23 |
The many vulnerabilities Talos discovered in SOHO and industrial
wireless routers post-VPNFilter |
Vulnerability blog |
Cisco Blog |
6.8.23 |
Incident Response trends Q2 2023: Data theft extortion rises, while
healthcare is still most-targeted vertical |
Incident blog |
Cisco Blog |
6.8.23 |
What might authentication attacks look like in a phishing-resistant
future? |
Attack blog |
Cisco Blog |
6.8.23 |
Threat Source newsletter (Aug. 3, 2023) — Previewing Talos at BlackHat
2023 |
Cyber blog |
Cisco Blog |
6.8.23 |
Every company has its own version of ChatGPT now |
Cyber blog |
Cisco Blog |
6.8.23 |
The federal government’s cybersecurity policies are falling into place
just in time to be stalled again |
BigBrother blog |
Cisco Blog |
6.8.23 |
Memory corruption vulnerability in Microsoft Edge; MilesightVPN and
router could be taken over |
Vulnerability blog |
Cisco Blog |
6.8.23 |
Why are there so many malware-as-a-service offerings? |
Malware blog |
Cisco Blog |
6.8.23 |
Implementing an ISO-compliant threat intelligence program |
Security blog |
Cisco Blog |
6.8.23 |
QR codes are relevant again for everyone from diners to threat actors |
Security blog |
Cisco Blog |
6.8.23 |
Uncovering weaknesses in Apple macOS and VMWare vCenter: 12
vulnerabilities in RPC implementation |
Vulnerability blog |
Cisco Blog |
6.8.23 |
Check cybersecurity pre-invest – Week in security with Tony Anscombe |
Cyber blog |
Eset |
6.8.23 |
Fingerprints all over: Can browser fingerprinting increase website
security? |
Security blog |
Eset |
6.8.23 |
The grand theft of Jake Moore’s voice: The concept of a virtual kidnap |
Malware blog |
Eset |
6.8.23 |
Is backdoor access oppressive? – Week in security with Tony Anscombe |
Malware blog |
Eset |
6.8.23 |
Gathering dust and data: How robotic vacuums can spy on you |
Malware blog |
Eset |
6.8.23 |
Dear all, What are some common subject lines in phishing emails? |
Phishing blog |
Eset |
5.8.23 |
Genesis Market No Longer Feeds The Evil Cookie Monster |
Hacking blog |
Trellix |
5.8.23 |
Microsoft mitigates Power Platform Custom Code information disclosure
vulnerability |
Vulnerability blog |
Microsoft Blog |
5.8.23 |
Linux Threat Hunting: ‘Syslogk’ a kernel rootkit found under development
in the wild |
Malware blog |
Avast blog |
5.8.23 |
Reptile Malware Targeting Linux Systems |
Malware blog |
ASEC |
3.8.23 |
Cyberthreats increasingly target the world’s biggest event stages |
Cyber blog |
Microsoft Blog |
3.8.23 |
Unraveling Russian Multi-Sector DDoS Attacks Across Spain |
BigBrother blog |
Radware |
3.8.23 |
Demystifying Mysterious Team Bangladesh |
BigBrother blog |
Group-IB |
3.8.23 |
GUARDING THE BRIDGE: NEW ATTACK VECTORS IN AZURE AD CONNECT |
Attack blog |
Sygnia |
3.8.23 |
BlueCharlie, Previously Tracked as TAG-53, Continues to Deploy New
Infrastructure in 2023 |
Cyber blog |
Recordedfuture |
3.8.23 |
One Year After: The Cyber Implications of the Russo-Ukrainian War |
BigBrother blog |
Sekoia |
21.7.23 |
Threat Group Assessment: Mallox Ransomware |
Ransom blog |
Palo Alto |
21.7.23 |
P2PInfect: The Rusty Peer-to-Peer Self-Replicating Worm |
Malware blog |
Palo Alto |
21.7.23 |
BYOS – BUNDLE YOUR OWN STEALER |
Malware blog |
Checkpoint |
21.7.23 |
MAJOR SECURITY FLAWS IN POPULAR QUICKBLOX CHAT AND VIDEO FRAMEWORK
EXPOSE SENSITIVE DATA OF MILLIONS |
Vulnerability blog |
Checkpoint |
21.7.23 |
CHINESE THREAT ACTORS TARGETING EUROPE IN SMUGX CAMPAIGN |
BigBrother blog |
Checkpoint |
21.7.23 |
Malicious campaigns target government, military and civilian entities in
Ukraine, Poland |
BigBrother blog |
Cisco Blog |
21.7.23 |
The federal government’s cybersecurity policies are falling into place
just in time to be stalled again |
BigBrother blog |
Cisco Blog |
21.7.23 |
Memory corruption vulnerability in Microsoft Edge; MilesightVPN and
router could be taken over |
Vulnerability blog |
Cisco Blog |
21.7.23 |
Uncovering weaknesses in Apple macOS and VMWare vCenter: 12
vulnerabilities in RPC implementation |
OS Blog |
Cisco Blog |
21.7.23 |
Why are there so many malware-as-a-service offerings? |
Malware blog |
Cisco Blog |
21.7.23 |
Implementing an ISO-compliant threat intelligence program |
Security blog |
Cisco Blog |
21.7.23 |
QR codes are relevant again for everyone from diners to threat actors |
Security blog |
Cisco Blog |
21.7.23 |
Microsoft discloses more than 130 vulnerabilities as part of July’s
Patch Tuesday, four exploited in the wild |
Vulnerability blog |
Cisco Blog |
21.7.23 |
Undocumented driver-based browser hijacker RedDriver targets Chinese
speakers and internet cafes |
Malware blog |
Cisco Blog |
21.7.23 |
What happens if AI is wrong? – Week in security with Tony Anscombe |
Security blog |
Eset |
21.7.23 |
8 common work-from-home scams to avoid |
Spam blog |
Eset |
21.7.23 |
Child identity theft: how do I keep my kids’ personal data safe? |
Safety blog |
Eset |
21.7.23 |
Protect yourself from ticketing scams ahead of the Premier League Summer
Series USA Tour |
Spam blog |
Eset |
21.7.23 |
Key findings from ESET Threat Report H1 2023 – Week in security with
Tony Anscombe |
Cyber blog |
Eset |
15.7.23 |
Six Malicious Python Packages in the PyPI Targeting Windows Users |
Malware blog |
Palo Alto |
15.7.23 |
BEYOND THE HORIZON: TRAVELING THE WORLD ON CAMARO DRAGON’S USB FLASH
DRIVES |
Malware blog |
Checkpoint |
15.7.23 |
CHINESE THREAT ACTORS TARGETING EUROPE IN SMUGX CAMPAIGN |
BigBrother blog |
Checkpoint |
15.7.23 |
MAJOR SECURITY FLAWS IN POPULAR QUICKBLOX CHAT AND VIDEO FRAMEWORK
EXPOSE SENSITIVE DATA OF MILLIONS |
Vulnerability blog |
Checkpoint |
15.7.23 |
STEALTH SOLDIER BACKDOOR USED IN TARGETED ESPIONAGE ATTACKS IN NORTH
AFRICA |
Malware blog |
Checkpoint |
15.7.23 |
RUST BINARY ANALYSIS, FEATURE BY FEATURE |
Malware blog |
Checkpoint |
15.7.23 |
MALWARE SPOTLIGHT: CAMARO DRAGON’S TINYNOTE BACKDOOR |
Malware blog |
Checkpoint |
15.7.23 |
Old certificate, new signature: Open-source tools forge signature
timestamps on Windows drivers |
OS Blog |
Cisco Blog |
15.7.23 |
Undocumented driver-based browser hijacker RedDriver targets Chinese
speakers and internet cafes |
BigBrother blog |
Cisco Blog |
15.7.23 |
Uncovering weaknesses in Apple macOS and VMWare vCenter: 12
vulnerabilities in RPC implementation |
OS Blog |
Cisco Blog |
15.7.23 |
Malicious campaigns target government, military and civilian entities in
Ukraine, Poland |
BigBrother blog |
Cisco Blog |
15.7.23 |
QR codes are relevant again for everyone from diners to threat actors |
Hacking blog |
Cisco Blog |
15.7.23 |
Microsoft discloses more than 130 vulnerabilities as part of July’s
Patch Tuesday, four exploited in the wild |
Vulnerability blog |
Cisco Blog |
15.7.23 |
The danger within: 5 steps you can take to combat insider threats |
Cyber blog |
Eset |
15.7.23 |
ESET Research Podcast: Finding the mythical BlackLotus bootkit |
Malware blog |
Eset |
15.7.23 |
Analysis of Storm-0558 techniques for unauthorized email access |
Hacking blog |
Microsoft |