America’s first-ever national cyber director Chris Inglis says he has a strategy to get government agencies to toughen up their digital defenses in the face of increasing cyber threats.
Government urges need to ensure 5G networks remain secured and resilient, as Singtel says it has attained 180,000 5G subscribers and added new business use cases running on its 5G standalone network.
Nicknamed ProxyToken, the security vulnerability allows a remote attacker to bypass authentication and make changes to a Microsoft Exchange email server’s backend configuration.
The grant will create a laboratory that includes a virtual cyber range for customized training environments in the soon-to-be-opened Carole and Marcus Weinstein Computer Sciences Center.
The new SideWalk backdoor in a recent campaign by a Chinese APT found sharing multiple similarities with CrossWalk, another backdoor used by the group. SideWalk and CrossWalk share a resemblance in anti-tampering techniques, threading model, data layout, and the way data is managed during the execution, etc. It is very important for security agencies to keep […]
A new DirtyMoe botnet variant was discovered with major modifications in the form of anti-forensic, anti-debugging, and anti-tracking capabilities. The attackers use VMProtect and their own encryption algorithm to evade detection. Besides vulnerability management solutions, enterprises must ensure that an adequate anti-phishing strategy for better protection.
Financially motivated FIN8 group attempted to compromise the networks of a U.S. financial organization using a new malware – Sardonic. Sardonic can establish persistence on the infected machine and collects system info, executes arbitrary commands, loads/executes extra plugins, and the results are sent remotely to a server of attackers. Organizations are advised to separate their […]
Trend Micro has identified a new malware distribution campaign delivering LokiBot banking trojan using multiple old yet effective tactics. The customers were being targeted via emails masquerading as an order invoice, with a PDF file attached. Its critical that organizations patch vulnerabilities on time and refraining from emails received from unknown senders.
Cybercriminals behind the BazaLoader malware came up with a new lure to trick website owners into opening malicious files: fake notifications about the site being engaged in DDoS attacks.
Today, the extensive library of tools, technologies, and processes available to protect an organization from cyber threats are overwhelming and, at the same time, offer underwhelming results.