Ginzo stealer is obfuscated with ConfuserEx, resulting in error messages when trying to decompile the code. That is because the type initializer .cctor decrypts the actual code on the fly. It also initializes data required for string decryption.
Australia’s financial intelligence and regulatory body Austrac has released two financial crime guides to help businesses detect and prevent criminal abuse of digital currencies and ransomware.
Tracked as CVE-2022-29360, the flaw relates to a stored cross-site-scripting (XSS) vulnerability impacting the latest version of RainLoop (v1.16.0) that was released on May 7, 2021.
According to a new Forrester survey, 63% of organizations were breached in the past year, 4% more than the year before. In the past 12 months, organizations faced an average of three breaches.
The Federal Bureau of Investigation (FBI) says the Black Cat ransomware gang, also known as ALPHV, has breached the networks of at least 60 organizations worldwide between November 2021 and March 2022.
Effective threat intelligence and threat hunting programs can take the fight from behind the firewall directly to the adversaries themselves – with lawyers playing a crucial role on the front lines.
Researchers at Google’s Project Zero said they tracked 58 cases of zero-day exploits “in the wild” in 2021 — the most ever detected and disclosed in a single year since the group began its work in mid-2014.
Zerto announced the findings of a ransomware study, revealing that gaps in readiness are seriously impacting the ability of many organizations to manage and recover from attacks.
Tracked as CVE-2022-20685, the vulnerability is rated 7.5 for severity and resides in the Modbus preprocessor of the Snort detection engine. It affects all open-source Snort project releases earlier than 2.9.19 as well as version 3.1.11.0.
Columbia University researchers have developed a novel algorithm that can block rogue audio eavesdropping via microphones in smartphones, voice assistants, and connected devices in general.