Microsoft’s security team published evidence this week tying the Raspberry Robin malware to Russian cybercrime syndicate Evil Corp.
The Qualys Threat Research Team continues to inform enterprise cybersecurity teams of emerging threats that could impact their business. These threat intelligence reports summarize individual threat exploits and provide practical recommendations for protecting against them.
In this blog post, we discuss the technical details of a new banking dropper that we have dubbed DawDropper, give a brief history of banking trojans released in early 2022 that use malicious droppers, and elaborate on cybercriminal activities related to DaaS in the deep web.
Threat groups are increasingly turning to InterPlanetary File System (IPFS) peer-to-peer data sites to host their phishing attacks because the decentralized nature of the sharing system means malicious content is more effective and easier to hide.
Humanity’s imagination turned toward the heavens this month as the James Webb Space Telescope revealed images of distant galaxies.
Samba is a widely-used open source toolkit that not only makes it easy for Linux and Unix computers to talk to Windows networks, but also lets you host a Windows-style Active Directory domain without Windows servers at all.
The Microsoft Threat Intelligence Center (MSTIC) and the Microsoft Security Response Center (MSRC) found a private-sector offensive actor (PSOA) using multiple Windows and Adobe 0-day exploits, including one for the recently patched CVE-2022-22047, in limited and targeted attacks against European an
One of the quickest ways for an attacker to harvest financial data, credentials, and sensitive personal information is through phishing.
Attackers are increasingly leveraging Internet Information Services (IIS) extensions as covert backdoors into servers, which hide deep in target environments and provide a durable persistence mechanism for attackers.
Around June 24 2022, out of over 4.7 million hosts Censys observed in Russia, Censys discovered two Russian hosts containing an exploitation tool, Metasploit, and Command and Control (C2) tool, Deimos C2. Historical analysis indicated one of these Russian hosts also used the tool PoshC2.
The Biden administration late last week issued guidance that laid out the cybersecurity funding priorities that federal agencies should adhere to for the upcoming fiscal year 2024 budget cycle.
The RSA Conference 2022 – one of the world’s premier IT security conferences – was held June 6th-9th in San Francisco. The first in-person event for RSA since the global pandemic had a slightly lower turnout than in years past (26,000 compared to 36,000 attendees).
In June 2022, LockBit revealed version 3.0 of its ransomware. In this blog entry, we discuss the findings from our own technical analysis of this variant and its behaviors, many of which are similar to those of the BlackMatter ransomware.
The ransomware group Lockbit claims to have stolen 78 GB of files from the Italian Revenue Agency (Agenzia delle Entrate).
Multiple flaws in FileWave mobile device management (MDM) product exposed organizations to cyberattacks. Claroty researchers discovered two vulnerabilities in the FileWave MDM product that exposed more than one thousand organizations to cyber attacks.
In the recent Cloud Threat Report, Unit 42 researchers analyzed more than 680,000 identities across 18,000 cloud accounts from 200 different organizations and found that 99% of cloud users, roles and service accounts are overly permissive.
Thunderbird 102.1.0 is now available. The new stable version of the email client patches four security issues in the application and makes some minor changes next to that. Thunderbird 102.1.0 is already available.
A few months back, I mentioned that I’m using the Lacros browser full-time. Lacos is essentially the Linux version of the Chrome browser and is part of Google’s effort to decouple Chrome from ChromeOS. Today I found code that will eliminate one of my pain points using Lacros.
On July 22, 2022, T-Mobile entered into an agreement to settle a class action lawsuit stemming from its 2021 data breach. The breach involved the personal information of 76.6 million U.S. residents and was T-Mobile’s fifth breach over a four year period.
Blue Note Jazz Festival Debuts in Napa Valley With Robert Glasper, Snoop Dogg, Dave Chappelle & More
The Blue Note Jazz Festival in Napa Valley, Calif., kicks off Friday (July 29) with host Dave Chappelle and Grammy-winning instrumentalist Robert Glasper as artist in residence.