Cloud Security Predictions at AWS re:Invent 2023

Credit to Author: Jon Clay| Date: Mon, 27 Nov 2023 00:00:00 +0000

Heading to AWS re:Invent 2023? Don’t miss out on our talk with Melinda Marks, ESG Practice Director for Cybersecurity, about cloud detection and response (CDR) and what’s trending in cloud security.

Read more

CVE-2023-46604 (Apache ActiveMQ) Exploited to Infect Systems With Cryptominers and Rootkits

Credit to Author: Peter Girnus| Date: Mon, 20 Nov 2023 00:00:00 +0000

We uncovered the active exploitation of the Apache ActiveMQ vulnerability CVE-2023-46604 to download and infect Linux systems with the Kinsing malware (also known as h2miner) and cryptocurrency miner.

Read more

ALPHV/BlackCat Take Extortion Public

Credit to Author: Jon Clay| Date: Fri, 17 Nov 2023 00:00:00 +0000

Learn more about ALPHV filing a complaint with the Security and Exchange Commission (SEC) against their victim, which appears to be an attempt to influence MeridianLink to pay the ransom sooner than later.

Read more

100 Quarters of Profitability: Insights from a Trender

Credit to Author: Jon Clay| Date: Tue, 14 Nov 2023 00:00:00 +0000

Learn what 100 straight quarters of profitability means to a Trender who has been here for every one of them.

Read more

DarkGate Opens Organizations for Attack via Skype, Teams

Credit to Author: Trent Bessell| Date: Thu, 12 Oct 2023 00:00:00 +0000

We detail an ongoing campaign abusing messaging platforms Skype and Teams to distribute the DarkGate malware to targeted organizations. We also discovered that once DarkGate is installed on the victim’s system, additional payloads were introduced to the environment.

Read more

Exposing Infection Techniques Across Supply Chains and Codebases

Credit to Author: Aliakbar Zahravi| Date: Thu, 05 Oct 2023 00:00:00 +0000

This entry delves into threat actors’ intricate methods to implant malicious payloads within seemingly legitimate applications and codebases.

Read more

APT34 Deploys Phishing Attack With New Malware

Credit to Author: Mohamed Fahmy| Date: Fri, 29 Sep 2023 00:00:00 +0000

We observed and tracked the advanced persistent threat (APT) APT34 group with a new malware variant accompanying a phishing attack comparatively similar to the SideTwist backdoor malware. Following the campaign, the group abused a fake license registration form of an African government agency to target a victim in Saudi Arabia.

Read more

Examining the Activities of the Turla APT Group

Credit to Author: Srivathsa Sharma| Date: Fri, 22 Sep 2023 00:00:00 +0000

We examine the campaigns of the cyberespionage group known as Turla over the years, with a special focus on the key MITRE techniques and the corresponding IDs associated with the threat actor group.

Read more