Sep 23, 2023THNCyber Espionage / Malware Cybersecurity researchers have discovered a previously undocumented advanced backdoor dubbed Deadglyph employed by a threat actor known as Stealth Falcon as part of a cyber espionage campaign. “Deadglyph’s architecture is unusual as it consists of cooperating components – one a native x64 binary, the other a .NET assembly,” ESET […]
Video Two ESET malware researchers took to the LABScon stage this year to deconstruct sophisticated attacks conducted by two well-known APT groups 22 Sep 2023 The lineup of speakers at this year’s edition of LABScon featured two ESET malware researchers who took to the stage to deconstruct sophisticated attacks conducted by two well-known APT groups. […]
Viavi Solutions unveiled Observer Sentry, Software-as-a-Service-based Threat Exposure Management providing SecOps, DevOps, and cloud architects much-needed threat visibility into ever-changing AWS environments. The 2023 State of the Network study from VIAVI revealed increases in enterprises’ dependence on the cloud, dissatisfaction with cloud visibility, and time spent on security issues. In an effort to continuously improve […]
Chip giant Intel announced on the second day of its Intel Innovation 2023 event the general availability of an attestation service that is part of Trust Authority, a new portfolio of security software and services. The new attestation software-as-a-service, codenamed Project Amber, is the first service in the Intel Trust Authority portfolio. It offers a […]
China’s onslaught of cyberattacks on critical infrastructure is likely a contingency move designed to gain a strategic advantage in the event of kinetic warfare, according to the US Department of Defense (DoD). The agency’s 2023 Cyber Strategy released this week flagged an uptick in state-sponsored cybercrime from the People’s Republic of China (PRC), specifically against […]
Sep 14, 2023THNEndpoint Security / Vulnerability A set of memory corruption flaws have been discovered in the ncurses (short for new curses) programming library that could be exploited by threat actors to run malicious code on vulnerable Linux and macOS systems. “Using environment variable poisoning, attackers could chain these vulnerabilities to elevate privileges and run […]
Video Ballistic Bobcat is a suspected Iran-aligned cyberespionage group that targets organizations in various industry verticals, as well as human rights activists and journalists, mainly in Israel, the Middle East, and the United States 14 Sep 2023 This week, ESET researchers unveiled their findings about a campaign by the Ballistic Bobcat APT group that deployed […]
CISO Global is expanding its capabilities by deepening its threat intelligence feed and incorporating it into existing services. Named ‘Threat Informed’, this new data stream mines the DarkNet, an overlay of secret networks comprised of communication channels that can only be accessed with specific software and processes used mostly by malicious hackers, to identify cybersecurity […]
Microsoft’s struggles with zero-day exploits rolled into a new month with a fresh warning that two new Windows vulnerabilities are being targeted by malware attacks in the wild. As part of its scheduled batch of Patch Tuesday security fixes, Redmond’s security response team flagged the two zero-days — CVE-2023-36761 and CVE-2023-36802 — in the “exploitation […]
Sep 09, 2023THNMobile Security / Spyware Spyware masquerading as modified versions of Telegram have been spotted in the Google Play Store that’s designed to harvest sensitive information from compromised Android devices. According to Kaspersky security researcher Igor Golovin, the apps come with nefarious features to capture and exfiltrate names, user IDs, contacts, phone numbers, and […]