The main advantage of this approach is to evade detection by security tools using static analysis and hamper examination by researchers, delaying the development of an in-depth understanding of how an Android malware strain works.
Microsoft has discovered a new version of the BlackCat ransomware that embeds the Impacket networking framework and the Remcom hacking tool, both enabling spreading laterally across a breached network.
Fundamental defenses — identity and access management, MFA, memory-safe languages, patching and vulnerability management — are lacking or nonexistent across the economy, according to cybersecurity experts.
Hackers based in China are targeting the gambling sector across Southeast Asia in a campaign that researchers say is closely related to data collection and surveillance operations identified earlier this year.
Suncor Energy executives said the Canadian energy giant has recovered most of its normal operations since a June cyberattack. But the incident was serious, executives said, and Suncor learned significant lessons.
The Sysdig Threat Research Team (TRT) recently discovered a new, financially motivated operation, dubbed LABRAT. This operation set itself apart from others due to the attacker’s emphasis on stealth and defense evasion in their attacks.
The New York City’s tax collection agency accidentally shared the home addresses, cell phone numbers, and personal email addresses of more than 1,700 workers with all those employees.
The Play ransomware group is targeting managed security service providers (MSSPs) to gain initial access and use up to a half-decade-old vulnerabilities in security appliances, warn security researchers with Adlumin.
An analysis of more than 400 malware families deployed over the past two years found that at least a quarter of them abused legitimate internet services in some way as part of their infrastructure.
The HHS’ Advanced Research Projects Agency for Health (Arpa-H) launched an initiative to find and help fund the development of cybersecurity technologies that can specifically improve defenses for digital infrastructure in US health care.