Attacks on 5G Infrastructure From Users’ Devices

Credit to Author: Salim S.I.| Date: Wed, 20 Sep 2023 00:00:00 +0000

Crafted packets from cellular devices such as mobile phones can exploit faulty state machines in the 5G core to attack cellular infrastructure. Smart devices that critical industries such as defense, utilities, and the medical sectors use for their daily operations depend on the speed, efficiency, and productivity brought by 5G. This entry describes CVE-2021-45462 as a potential use case to deploy a denial-of-service (DoS) attack to private 5G networks.

Read more

Break IT/OT Silos by Expanding SOC Responsibilities

Credit to Author: Kazuhisa Tagaya| Date: Fri, 04 Aug 2023 00:00:00 +0000

The latest study said that enterprise SOCs are expanding their responsibilities to the OT domain, but major visibility and skills-related challenges are causing roadblocks.

Read more

Platform Approach to Cybersecurity: The New Paradigm

Credit to Author: Jon Clay| Date: Thu, 13 Jul 2023 00:00:00 +0000

Embracing platform approach as the path to enhanced security and resilience

Read more

Detecting BPFDoor Backdoor Variants Abusing BPF Filters

Credit to Author: Fernando Merces| Date: Thu, 13 Jul 2023 00:00:00 +0000

An analysis of advanced persistent threat (APT) group Red Menshen’s different variants of backdoor BPFDoor as it evolves since it was first documented in 2021.

Read more

SeroXen Incorporates Latest BatCloak Engine Iteration

Credit to Author: Peter Girnus| Date: Thu, 15 Jun 2023 00:00:00 +0000

We looked into the documented behavior of SeroXen malware and noted the inclusion of the latest iteration of the batch obfuscation engine BatCloak to generate a fully undetectable (FUD) .bat loader. This is the second part of a three-part series documenting the abuse of BatCloak’s evasion capabilities and interoperability with other malware.

Read more

Health Industry Cybersecurity Best Practices 2023

Credit to Author: Kazuhisa Tagaya| Date: Thu, 25 May 2023 00:00:00 +0000

This blog explains the new resources of health industry cybersecurity practices and landscape analysis which the HHS (U.S. Department of Health and Human Services) released in Apr 2023.

Read more