ESET researchers uncover Dolphin, a sophisticated backdoor extending the arsenal of the ScarCruft APT group ESET researchers have analyzed a previously unreported backdoor used by the ScarCruft APT group. The backdoor, which we named Dolphin, has a wide range of spying capabilities, including monitoring drives and portable devices and exfiltrating files of interest, keylogging and […]
Amazon Security Lake is a service that automatically centralizes an organization’s security data from cloud and on-premises sources into a purpose-built data lake in a customer’s AWS account so customers can act on security data faster. Amazon Security Lake manages data throughout its lifecycle with customizable data retention settings, converts incoming security data to the […]
Acer has released a firmware update to address a security vulnerability that could be potentially weaponized to turn off UEFI Secure Boot on affected machines. Tracked as CVE-2022-4020, the high-severity vulnerability affects five different models that consist of Aspire A315-22, A115-21, and A315-22G, and Extensa EX215-21 and EX215-21G. The PC maker described the vulnerability as […]
ESET researchers spot a new ransomware campaign that goes after Ukrainian organizations and has Sandworm’s fingerprints all over it The ESET research team has spotted a new wave of ransomware attacks taking aim at multiple organizations in Ukraine and bearing the hallmarks of other campaigns previously unleashed by the Sandworm APT group. Even though the […]
CyberCube launched Version 4.0 of Account Manager, the software-as-a-service (SaaS) solution designed explicitly for single risk (re)insurance underwriters. Resulting from CyberCube’s continuous analysis of cybersecurity data at a petabyte scale, Account Manager delivers a comprehensive, curated spectrum of impactful signals, analytics, and financial risk quantification to empower underwriters to make consistent, data-driven decisions. The latest […]
Amazon Web Services (AWS) has resolved a cross-tenant vulnerability in its platform that could be weaponized by an attacker to gain unauthorized access to resources. The issue relates to a confused deputy problem, a type of privilege escalation where a program that doesn’t have permission to perform an action can coerce a more-privileged entity to […]
An emergency Chrome update that Google announced on Thanksgiving Day addresses an actively exploited zero-day in the popular browser. Tracked as CVE-2022-4135, the high-severity vulnerability is described as a heap buffer overflow in Chrome’s GPU component. “Google is aware that an exploit for CVE-2022-4135 exists in the wild,” the internet giant notes. A National Vulnerability […]
Google has just patched Chrome’s eighth zero-day hole of the year so far. Zero-days are bugs for which there were zero days you could have updated proactively… …because cybercriminals not only found the bug first, but also figured out how to exploit it for nefarious purposes before a patch was prepared and published. So, the […]
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Google seeks to make Cobalt Strike useless to attackersGoogle Cloud’s intelligence research and applications team has created and released a collection of 165 YARA rules to help defenders flag Cobalt Strike components deployed by attackers. Fake subscription invoices lead to […]
For 6 months, the infamous Emotet botnet has shown almost no activity, and now it’s distributing malicious spam. Let’s dive into details and discuss all you need to know about the notorious malware to combat it. Why is everyone scared of Emotet? Emotet is by far one of the most dangerous trojans ever created. The […]