North Korea's Lazarus hackers exploited a Windows AppLocker driver zero-day to gain kernel-level access and turn off security tools that could detect the group's bring-your-own-vulnerable-driver exploitation techniques. Microsoft fixed the bug in its February patch dump.
Chinese threat actors are continuing to persist after exploiting the recent Ivanti Connect Secure VPN vulnerability even after factory resets, system upgrades and patches. The threat actor, UNC5325, is adept at "living off the land" techniques, warned threat intelligence firm Mandiant.
Cybersecurity researchers identified a suspected Iranian espionage campaign targeting aerospace, aviation and defense industries across the Middle East. Hackers targeted employees within the aviation and defense sectors with fake job offers for tech and defense-related positions.
While overall ransomware profits might remain high, many of the remaining or rebooted top-tier groups are "really struggling" with scarce talent, trauma from the Russia-Ukraine war and repeated disruptions by law enforcement, say researchers from threat intelligence firm RedSense.
The novel variant of the banking Trojan Mispadu is targeting Latin American countries, especially Mexico, by exploiting a flaw in Windows SmartScreen. In this latest distribution method, the attackers send spam emails that deliver deceptive URL files that circumvent the SmartScreen banner warning.
In times of conflict, such as the Israel-Hamas war, intelligence becomes even more important than it is in peacetime. Red Curry, chief marketing officer at Tautuk, and his brother, Sam Curry, CISO at Zscaler, discuss the need for a combined intelligence strategy and better resilience in wartime.
When analyzing a huge number of malware samples, one would want to receive malware configurations in a well-defined, predictable, industry-standard format that can be easily integrated into a security system.
After researching an abundance of options, this report settled on using the output format defined by the US...
Traditional SIEM falls short for CISOs due to evolving threats and data overload. The need for advanced analytics is clear to effectively identify and detect threats. Costs are a major concern, and budgets are tight. Automation is desired, especially in the triage phase, but confusing cost models for tools add...
Enterprises continue to invest in cybersecurity solutions, with spending projected to double from US$92 billion in 2022 to over US$170 billion by 2027. The 2023 Exabeam Global State of Threat Detection, Investigation, and Response (TDIR) Report, conducted with more than 1,100 senior security and IT professionals...
In the wake of an apparently weak password being harvested by information-stealing malware and used to disrupt telecommunications giant Orange Spain's internet traffic, an expert is warning all organizations to beware of copycat attacks - and to lock down their internet registry accounts.
Ukraine's security intelligence chief said Russian hackers had been responsible for severing internet access and mobile communications from telecom operator Kyivstar in December, after compromising the firm's network months ago. He said the "disastrous" cyberattack had wiped "almost everything."
The Cybersecurity and Infrastructure Security Agency announced plans to launch a two-year effort beginning in 2024 to modernize its legacy Automated Indicator Sharing program as part of an effort to enhance collaboration with the private sector and provide more actionable data to its partners.
Research by SentinelOne, Microsoft and PwC threat intelligence found "substantial cooperation and coordination" between Chinese threat groups on their choice of victims in the Middle Eastern region, shared infrastructure and tooling, and management practices.
Hackers targeted telecommunications companies in Thailand with a Linux remote access Trojan designed to attack different versions of the open-source kernel, researchers say. Dubbed "Krasue," the malware poses a "severe risk to critical systems and sensitive data," say Group-IB researchers.