It is worth recalling that Cobalt Strike is a legitimate commercial tool designed for pentesters and the red team and focused on exploitation and post-exploitation.
Unfortunately, it has long been loved by hackers ranging from government APT groups to ransomware operators. Although Cobalt Strike is quite expensive and inaccessible to ordinary users, attackers still find ways to use it (for example, rely on old, pirated and hacked versions).
Let me remind you that we also reported that Zloader Trojan Disables [...]
Currently available in 37 languages, the project has helped more than 1.5 million people around the world recover their data.
Also note the following: Cybersecurity Specialists Created the Hopper Worm to Protect against Other Worms.
Let me remind you that No More Ransom was launched in 2016 as an initiative to combat ransomware and ransomware. Then only Europol, the Dutch police, McAfee and Kaspersky Lab took part in it.
Now the number of program partners has grown to 188, including companies from the private and public sectors, [...]
Let me remind you that we also wrote about such a trend as: Companies significantly improved cyberthreat detection time.
A survey conducted by Gurucul among 180 participants at the RSA 2022 conference was about their opinion on the effectiveness of security operations in their organizations.
Only 25% of organizations believe that their main threat comes from within the business.
And this despite the growth of internal threats by 47% over the past two [...]
Journalists from Bleeping Computer report that a reader reported the problem to them, who was very surprised to find several references to vulnerable systems listed in the “references” section in the CVE bulletin.
Typically, this section provides links to primary sources (report, blog post, PoC demo) that explain the vulnerability. Sometimes security bulletins do include links confirming the existence of a vulnerability, but usually they lead to [...]
Let me remind you that we also talked about The New AI system thatDot Novelty Detector Speeds Up Detecting of Malicious Activity.
The developers promise that the Lockdown mode will protect users’ connections while they are messaging and browsing the web by blocking spyware (like NSO Group’s Pegasus spyware) that government hackers routinely use against Apple device [...]
Worms are the most destructive force in the field of information security, bringing multi-million-dollar damage to companies. Despite this, there are viruses that are beneficial. Hopper is such a virus.
Let me remind you that we also reported that The New AI system thatDot Novelty Detector Speeds Up Detecting of Malicious Activity.
Detection tools are not good at detecting non-exploit-based distribution, which is what worms do best. Most information security solutions are less resistant to worm attack methods, such as the use of an impersonation token [...]
The issue poses a threat to 64-bit systems with Intel AVX-512 (Advanced Vector Extensions 512) support, but not all experts agree that this issue should be treated as a vulnerability at all.
Let me remind you that we also wrote that Experts Found Long-Standing Bugs in Avast and AVG Antiviruses.
It all started with the fact that in the new version of OpenSSL, released last week, a command injection vulnerability (CVE-2022-2068) was addressed, though it could not be completely fixed using the previous patch (CVE-2022-1292).
Alas, it turned out that this time the [...]
It is reported that Adobe Acrobat checks whether components of about 30 security products are interested in its processes, and then blocks them, effectively making it impossible to track malicious activity.
You may also be interested to know that SharkBot malware disguises itself as an antivirus on the Google Play Store.
Minerva Labs analysts explain that security solutions usually require “visibility” of all processes in the system to work.
As a rule, this is achieved by injecting the [...]Let me remind you that in March 2022, a patch was released for the CVE-2022-1040 vulnerability, which was rated as critical on the CVSS scale (9.8 points out of 10 possible). At the time, it was reported that the bug allows remote attackers to bypass authentication through the firewall’s user portal or through the web admin panel and then execute an arbitrary code.
The vulnerability was originally discovered by an anonymous researcher who [...]
Let me remind you that we also wrote that Attackers hacked cybersecurity company Qualys through Accellion FTA.
Bleeping Computer writes that LockBit did not report exactly which files were stolen from Mandiant systems, and the list of files on the leak page was empty. However, it showed a file named mandiantyellowpress.com.7z [...]