-
Jan 21, 2023
The Russian state-sponsored cyber espionage group known as Gamaredon has been found to be using the popular messaging app Telegram in its recent attacks against Ukraine. The group, also known as Actinium, Armageddon, Iron Tilden, Primitive Bear, Shuckworm, Trident Ursa… read more »
-
Jan 20, 2023
A critical RCE (remote code execution) vulnerability has been discovered impacting multiple services related to Microsoft Azure, potentially allowing a malicious actor to completely take control of a targeted application. The vulnerability was discovered by Israeli cloud infrastructure security firm… read more »
-
Jan 19, 2023
Cybercriminals are increasingly using malicious LNK files as a way to gain initial access and download payloads such as Bumblebee, IcedID, and Qakbot. These malicious shortcut files are used to evade security solutions and infect victims’ computers with malware. A… read more »
-
Jan 18, 2023
Codespaces is a development environment that allows developers to easily set up, configure, and collaborate on projects from within GitHub. It allows users to customize their project by committing configuration files to their repository, which creates a repeatable configuration for… read more »
-
Jan 17, 2023
A threat actor known as Lolip0p has uploaded three rogue packages to the Python Package Index (PyPI) repository, which are designed to drop malware on compromised developer systems. According to a report by Fortinet the packages, named colorslib, httpslib and… read more »
-
Jan 16, 2023
Incident response is a critical component of any organization’s cybersecurity strategy. With the increasing use of cloud-based services, it’s essential to have the right tools in place to quickly and effectively respond to security incidents. In this post, I propose… read more »
-
Jan 15, 2023
After the LastPass databreach, doubts have been raised in the cybersecurity community about the actual security of password managers. Personally, I have always held a fairly unpopular opinion: password managers built into browsers are more secure than stand-alone. In this… read more »
-
Jan 11, 2023
A new advanced threat actor known as Dark Pink, also referred to as Saaiwc Group, has been found to be targeting government agencies and military bodies in multiple countries in the APAC region using custom malware to steal confidential information.… read more »
-
Jan 9, 2023
The Kinsing malware is targeting Kubernetes clusters by exploiting known vulnerabilities in container images and misconfigured PostgreSQL containers. The malware has a history of targeting containerized environments for crypto mining, and the threat actors behind it have been known to… read more »
-
Jan 6, 2023
These days I am finishing the first draft of a new book of the “Little Handbooks” series, dedicated to Malware Analysis. One of the first chapters is a brief history of computer viruses. Comments and feedback are welcome! Malware is… read more »
-
Jan 2, 2023
Introduction Agile methodologies have become increasingly popular in recent years as a way to accelerate the development of software and other projects. Unlike traditional Waterfall methodologies, which follow a linear and sequential process, agile approaches emphasize flexibility, collaboration, and rapid… read more »
-
Dec 31, 2022
The Swiss cheese model is a risk management concept that can be applied to cybersecurity to help organizations understand and mitigate the risks they face. The model suggests that there are multiple layers of defense, or “slices of cheese,” in… read more »
-
Dec 30, 2022
Security researcher Matt Kunze discovered a bug in Google’s smart speaker, the Google Home, which allowed for the creation of a backdoor account that could be used to remotely control the device and access the microphone feed. This could potentially… read more »
-
Dec 29, 2022
A new cyber attack campaign called MasquerAds is targeting users who are searching for popular software by using Google Ads to serve malware-infected variants of the software. These malware-infected versions, which include Raccoon Stealer and Vidar, are being served through… read more »
-
Dec 27, 2022
The BlueNoroff subcluster of the Lazarus Group has adopted new techniques that allow it to bypass Windows’ Mark of the Web protections. MotW The Windows Mark of the Web (MotW) is a security feature that helps protect users from malicious… read more »
-
Dec 25, 2022
LastPass, a password management software used by over 33 million people and 100,000 businesses worldwide, has revealed that customer vault data was stolen after the company’s cloud storage was breached earlier this year. What happened? The attacker gained access to… read more »
-
Dec 24, 2022
A SOC, or Security Operations Center, is a centralized unit within an organization responsible for the detection, analysis, and response to cyber threats and vulnerabilities. It is typically responsible for managing and monitoring the security of an organization’s networks, systems,… read more »
-
Dec 19, 2022
This book had a very long gestation. I started writing it at the end of 2019 and then, because of more important commitments, I decided to put it on hold and pick it up a few months later. In early… read more »
-
Dec 11, 2022
Cybersecurity is a critical issue in the modern world. As more and more of our personal and professional lives move online, the need for effective cybersecurity measures becomes increasingly important. One key aspect of maintaining strong cybersecurity posture is the… read more »
-
Dec 5, 2022
I tried to ask ChatGPT (an OpenAI project based on GPT 3.5) to explain if and why in the future all blogs will be written by artificial intelligences…here is the answer! In recent years, there has been a growing trend… read more »