Threat Actors Exploit Misconfigured Apache Hadoop YARN

Credit to Author: Alfredo Oliveira | Date: Tue, 27 Jul 2021 00:00:00 GMT

We look into how threat actors are exploiting Apache Hadoop YARN, a part of the Hadoop framework that is responsible for executing tasks on the cluster. This analysis covers the payloads deployed, the tactics used in the attacks, and basic recommendations for strengthening cloud security.


The Underground Exploit Market and the Importance of Virtual Patching

Credit to Author: Trend Micro Research | Date: Tue, 13 Jul 2021 00:00:00 GMT

Over the past two calendar years, we conducted research on the underground exploit market to learn more about the life cycle of exploits, the kinds of buyers and sellers who transact, and the business models that are in effect in the underground.


StrongPity APT Group Deploys Android Malware for the First Time

Credit to Author: Fyodor Yarochkin | Date: Wed, 21 Jul 2021 00:00:00 GMT

We recently investigated an Android malware sample that was posted on the Syrian e-Gov website and that we believe can be attributed to the StrongPity APT group. To the best of our knowledge, this is the first time that the group has been publicly observed using malicious Android applications as part of its attacks.


#NoFilter: Exposing the Tactics of Instagram Account Hackers

Credit to Author: Jindrich Karasek | Date: Mon, 12 Jul 2021 00:00:00 GMT

What tactics do Instagram account hackers use? What do these cybercriminals do with stolen accounts? How can users protect their accounts? We look into Instagram account hacking incidents from a security researcher’s perspective and share recommendations for users of Instagram and other social media platforms.


BIOPASS RAT: New Malware Sniffs Victims via Live Streaming

Credit to Author: Joseph C Chen | Date: Fri, 09 Jul 2021 00:00:00 GMT

We discovered new malware that targets online gambling companies in China via a watering hole attack, in which visitors are tricked into downloading a malware loader disguised as a legitimate installer for well-known apps such as Adobe Flash Player or Microsoft Silverlight.
