-
Mar 10, 2023
According to a recent report from cybersecurity firm Mandiant, Chinese cybercriminals are targeting unpatched SonicWall gateways with credential-stealing malware that persists through firmware upgrades. The spyware is targeting the SonicWall Secure Mobile Access 100 Series, which provides VPN access to… read more »
-
Mar 9, 2023
When it comes to responding to cybersecurity incidents, organisations have several options, including using a Computer Emergency Response Team (CERT), a Computer Security Incident Response Team (CSIRT) or a Security Operations Center (SOC). While these teams may seem interchangeable, there… read more »
-
Mar 9, 2023
The popular open-source password management service, Bitwarden, offers an auto-fill feature that can automatically fill in users’ saved credentials when they visit a website. However, this feature has a potentially dangerous behavior that could allow malicious iframes embedded in trusted… read more »
-
Mar 8, 2023
Chinese threat actor Sharp Panda has targeted high-profile government agencies in Southeast Asia with a cyber espionage campaign using a new version of the Soul modular framework. Cybersecurity firm Check Point has described the activity as “long-running” and has previously… read more »
-
Mar 6, 2023
A new report from cybersecurity firm MITIGA has revealed that malicious actors can exploit a lack of forensic visibility in Google Cloud Platform (GCP) to exfiltrate sensitive data. The research found that GCP does not provide sufficient visibility into its… read more »
-
Mar 5, 2023
CrowdStrike has released its 9th Annual Global Threat Report, which provides a comprehensive overview of threat actor behaviour, tactics and trends over the past year. The report is based on the activities of more than 200 cyber adversaries and covers… read more »
-
Mar 3, 2023
The Cybersecurity and Infrastructure Security Agency (CISA) recently launched a free tool called Decider to help the cybersecurity community map threat actor behaviour to the MITRE ATT&CK Framework. Decider uses a combination of guided questions, efficient search and filtering, and… read more »
-
Mar 2, 2023
According to research recently published by cybersecurity firm Trend Micro, Iron Tiger, a Chinese-speaking threat group known for targeting organisations in East Asia, has created a Linux version of its custom malware known as SysUpdate. The malware is designed to… read more »