Hunting for A New Stealthy Universal Rootkit Loader

Credit to Author: Sherif Magdy | Date: Tue, 11 Jul 2023 00:00:00 +0000

In this entry, we discuss the findings of our investigation into a signed rootkit whose main binary functions as a universal loader, allowing attackers to load an unsigned second-stage kernel module directly.

Tailing Big Head Ransomware’s Variants, Tactics, and Impact

Credit to Author: Ieriz Nicolle Gonzalez | Date: Fri, 07 Jul 2023 00:00:00 +0000

We analyze the technical details of a new ransomware family named Big Head. In this entry, we discuss the shared traits and distinct markers of its variants, adding technical detail to the initial reports on the ransomware.

Cybersecurity Awareness Training to Fight Ransomware

Credit to Author: Jon Clay | Date: Thu, 06 Jul 2023 00:00:00 +0000

Advanced technologies allow organizations to discover, assess, and mitigate cyber threats like ransomware. But truly strong cybersecurity also requires a threat-aware workforce, which is prompting more and more enterprises to focus on cybersecurity awareness training and testing.

Four Must-haves to Strengthen Your Endpoint Security

Credit to Author: Joyce Huang | Date: Thu, 06 Jul 2023 00:00:00 +0000

To combat complexity and achieve optimal security outcomes, an organization should consider four key factors when evaluating its endpoint security.

ChatGPT Shared Links and Information Protection: Risks and Measures Organizations Must Understand

Credit to Author: Matsukawa Bakuei | Date: Wed, 05 Jul 2023 00:00:00 +0000

Since its initial release in late 2022, the AI-powered text generation tool ChatGPT has seen rapid adoption by both organizations and individual users. However, its latest feature, Shared Links, carries the risk of unintentional disclosure of confidential information.

How to Achieve AWS Operational Excellence in Your Cloud Workload

Credit to Author: Melissa Clow | Date: Tue, 04 Jul 2023 00:00:00 +0000

Explore the Operational Excellence pillar of the AWS Well-Architected Framework and examine best practices and design principles for cloud-based security operations, including CI/CD and risk management.

Malvertising Used as Entry Vector for BlackCat, Actors Also Leverage SpyBoy Terminator

Credit to Author: Lucas Silva | Date: Fri, 30 Jun 2023 00:00:00 +0000

We found that malicious actors used malvertising to distribute malware via cloned webpages of legitimate organizations. In this case, the lure was a cloned page for WinSCP, a well-known open-source Windows file transfer application. We identified that this activity led to a BlackCat (aka ALPHV) infection, and that the actors also used SpyBoy Terminator, a tool that tampers with the protection provided by security agents.