What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
globalsecuritymag.webp 2023-03-08 13:06:24 Trend Micro report on the state of cybersecurity in 2022: with 146 billion threats detected, 2022 breaks all records! (direct link) Trend Micro Incorporated unveils its annual security report for 2022. Titled 'Rethinking Tactics: 2022 Annual Cybersecurity Report', it warns of the massive resurgence in the number of threats detected in 2022 (+55%) as well as the surge in the volume of malicious files blocked (+242%). Over the past year, threat actors carried out their attacks without distinguishing between the general public and businesses. - Investigations Prediction ★★★
InfoSecurityMag.webp 2023-03-08 09:30:00 Cyber-Threat Detections Surge 55% in 2022 (direct link) Trend Micro stops a record 146 billion discrete threats Prediction ★★
Volexity.webp 2023-03-07 16:01:57 Using Memory Analysis to Detect EDR-Nullifying Malware (direct link) >In the ever-changing cybersecurity landscape, threat actors are forced to evolve and continually modify the tactics, techniques, and procedures (TTPs) they employ to launch and sustain attacks successfully. They are continually modifying their malware and command-execution methods to evade detection. The attackers in these cases are attempting to get a step ahead of security software at the most basic level. However, some techniques take a different approach, aiming further up the stack and directly taking on security software. The most brazen methods involve leveraging various tools that directly terminate or shut down security software. If successful, this method is effective at giving an attacker free rein on a system. However, it comes at the potential cost of alerting users or administrators that the software unexpectedly stopped reporting or was shut off. What about a technique that potentially flies a bit more under the radar? In November 2022, Trend Micro published a […] Malware Tool Threat Prediction ★★★
globalsecuritymag.webp 2023-03-03 11:32:26 Ransomware attacks are targeting ever-larger companies, while fewer and fewer victims pay the ransom (direct link) Dr. Martin J. Krämer, Security Awareness Advocate at KnowBe4. According to ransomware specialists, a trend is emerging in which companies are increasingly able to cushion the consequences of attacks. In doing so, the companies often pay no ransom. Nevertheless, cybercriminals keep finding new ways to compromise accounts and networks and to generate greater profit through rising ransom demands. - Malware / , Prediction
The_Hackers_News.webp 2023-03-02 13:33:00 SysUpdate Malware Strikes Again with Linux Version and New Evasion Tactics (direct link) The threat actor known as Lucky Mouse has developed a Linux version of a malware toolkit called SysUpdate, expanding on its ability to target devices running the operating system. The oldest version of the updated artifact dates back to July 2022, with the malware incorporating new features designed to evade security software and resist reverse engineering. Cybersecurity company Trend Micro said Malware Threat Prediction APT 27 ★★
Netskope.webp 2023-03-01 07:00:00 Why Organisations Must Get to Grips With Cloud Delivered Malware (direct link) >Netskope has just published the Monthly Threat Report for February, with this month's report focused on what is going on in Europe. I don't intend to summarise the report in this blog, instead I want to zoom in and study a continuing trend that was highlighted in there; one that is unfortunately heading in the […] Malware Threat Prediction Cloud ★★★
knowbe4.webp 2023-02-28 14:00:00 CyberheistNews Vol 13 #09 [Eye Opener] Should You Click on Unsubscribe? (direct link) CyberheistNews Vol 13 #09 | February 28th, 2023 [Eye Opener] Should You Click on Unsubscribe? By Roger A. Grimes. Some common questions we get are "Should I click on an unwanted email's 'Unsubscribe' link? Will that lead to more or less unwanted email?" The short answer is that, in general, it is OK to click on a legitimate vendor's unsubscribe link. But if you think the email is sketchy or coming from a source you would not want to validate your email address as valid and active, or are unsure, do not take the chance, skip the unsubscribe action. In many countries, legitimate vendors are bound by law to offer (free) unsubscribe functionality and abide by a user's preferences. For example, in the U.S., the 2003 CAN-SPAM Act states that businesses must offer clear instructions on how the recipient can remove themselves from the involved mailing list and that request must be honored within 10 days. Note: Many countries have laws similar to the CAN-SPAM Act, although with privacy protection ranging the privacy spectrum from very little to a lot more protection. The unsubscribe feature does not have to be a URL link, but it does have to be an "internet-based way." The most popular alternative method besides a URL link is an email address to use. In some cases, there are specific instructions you have to follow, such as put "Unsubscribe" in the subject of the email. Other times you are expected to craft your own message. Luckily, most of the time simply sending any email to the listed unsubscribe email address is enough to remove your email address from the mailing list. [CONTINUED] at the KnowBe4 blog: https://blog.knowbe4.com/should-you-click-on-unsubscribe [Live Demo] Ridiculously Easy Security Awareness Training and Phishing Old-school awareness training does not hack it anymore.
Your email filters have an average 7-10% failure rate; you need a strong human firewall as your last line of defense. Join us TOMORROW, Wednesday, March 1, @ 2:00 PM (ET), for a live demo of how KnowBe4 introduces a new-school approac Malware Hack Tool Vulnerability Threat Guideline Prediction APT 38 ChatGPT ★★★
The_Hackers_News.webp 2023-02-27 15:34:00 PlugX Trojan Disguised as Legitimate Windows Debugger Tool in Latest Attacks (direct link) The PlugX remote access trojan has been observed masquerading as an open source Windows debugger tool called x64dbg in an attempt to circumvent security protections and gain control of a target system. "This file is a legitimate open-source debugger tool for Windows that is generally used to examine kernel-mode and user-mode code, crash dumps, or CPU registers," Trend Micro researchers Buddy Tool Prediction ★★★
Darktrace.webp 2023-02-27 00:00:00 Round-the-Clock Defense Against Cryptojackers using Darktrace AI (direct link) Despite the market value of cryptocurrency itself decreasing in the final quarter of 2022, the number of known cryptocurrency mining software variants had more than trebled compared to the previous year. The intensive resource demands of mining cryptocurrency have exacerbated the trend of malicious hijacking of third-party computers, causing slower processing speeds and higher energy bills for many companies. Prediction ★★
DarkReading.webp 2023-02-24 20:20:00 CISA: Beware of DDoS, Web Defacements on Anniversary of Russian Invasion of Ukraine (direct link) The Cybersecurity and Infrastructure Security Agency advises US and European nations to prepare for possible website attacks marking the Feb. 24 invasion of Ukraine by Russia. Prediction ★★★
The_Hackers_News.webp 2023-02-24 18:40:00 CISA Sounds Alarm on Cybersecurity Threats Amid Russia's Invasion Anniversary (direct link) The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is urging organizations and individuals to increase their cyber vigilance, as Russia's military invasion of Ukraine officially enters one year. "CISA assesses that the United States and European nations may experience disruptive and defacement attacks against websites in an attempt to sow chaos and societal discord on February 24, Prediction ★★
InfoSecurityMag.webp 2023-02-24 09:30:00 Firms Who Pay Ransom Subsidise 10 New Attacks: Report (direct link) Trend Micro urges victim organizations to resist extorters' demands Prediction ★★★
globalsecuritymag.webp 2023-02-24 09:15:38 Trend Micro: Ransomware: each ransom payment funds 9 new attacks! (direct link) Trend Micro Incorporated has published the results of a new research report on how ransomware groups operate and on the funding spiral behind their attacks. Titled "What Decision Makers Need to Know About Ransomware Risk", it reveals that payment of just 10% of ransom demands is enough to fund new waves of attacks. "Ransomware is today a major threat to the cybersecurity of businesses, local authorities and (...) - Malware Ransomware Prediction ★★★★
Trend.webp 2023-02-24 00:00:00 2022 Review: Trend Transforms to SaaS Cybersecurity (direct link) Transformation to a SaaS-based cybersecurity vendor Prediction Cloud ★★
Trend.webp 2023-02-24 00:00:00 Investigating the PlugX Trojan Disguised as a Legitimate Windows Debugger Tool (direct link) Trend Micro's Managed Extended Detection and Response (MxDR) team discovered that a file called x32dbg.exe was used to sideload a malicious DLL we identified as a variant of PlugX. Tool Prediction ★★★
SocRadar.webp 2023-02-23 10:21:53 An Analysis of Emerging Fortinet Vulnerabilities Trend (direct link) >By SOCRadar Research Fortinet is one of the major cybersecurity companies and offers 56 cybersecurity... Prediction ★★
DarkReading.webp 2023-02-22 16:25:00 Trend Micro Acquires SOC Technology Expert Anlyz (direct link) Technology tuck-in enhances industry's broadest XDR security platform. Prediction ★★
globalsecuritymag.webp 2023-02-21 14:08:15 Trend Micro Incorporated presents its vision for centralizing and improving the security of IT, OT and CT environments (direct link) Trend Micro centralizes and oversees the security of critical environments, particularly industrial ones. Trend Micro is strengthening its cross-domain security offering to provide shared visibility and control of cyber/physical systems. - Products Prediction ★★★
The_Hackers_News.webp 2023-02-11 16:41:00 Enigma, Vector, and TgToxic: The New Threats to Cryptocurrency Users (direct link) Suspected Russian threat actors have been targeting Eastern European users in the crypto industry with fake job opportunities as bait to install information-stealing malware on compromised hosts. The attackers "use several highly obfuscated and under-development custom loaders in order to infect those involved in the cryptocurrency industry with Enigma stealer," Trend Micro researchers Aliakbar Malware Threat Prediction ★★
Dragos.webp 2023-02-11 00:12:02 Using Trend Analysis to Operationalize OT Threat Intelligence with Neighborhood Keeper (direct link) >In the previous blog in this series, we covered the foundational elements that make up Neighborhood Keeper, as well as... The post Using Trend Analysis to Operationalize OT Threat Intelligence with Neighborhood Keeper first appeared on Dragos. Threat Prediction ★★★
CSO.webp 2023-02-10 02:00:00 Top cybersecurity M&A deals for 2023 (direct link) Uncertainty and instability marked the end of 2022 for many in the tech sector, a trend that bled into the beginning of 2023. Following on the heels of a drought in IT talent came mass layoffs at many of the world's biggest tech companies as predictions of recession loomed and war in Ukraine dragged on with no end in sight. Global concern over cybersecurity has never been higher, with attacks coming fast and furious and in ever-growing numbers, and 65% of organizations planned to increase cybersecurity spending in 2023. That means CISOs may be pressured to do more with what they have as budgets shrink even as demand for security increases. And they should be aware of what could change if one of their vendors is acquired in this climate. Prediction ★★
CSO.webp 2023-02-09 13:24:00 BrandPost: Security Trends to Watch in 2023 (direct link) It's that time of year again when many of your favorite security professionals and vendors roll out their predictions for the coming year. Although not all of us have clairvoyant abilities, seasoned pros can spot a trend early and inform the rest of us before we're caught off guard. Because adversaries continually adapt and change, security practitioners must also adapt their thinking, understanding, and defenses to combat innovation by using tools such as threat intelligence, threat hunting, and proactive suppression. In this spirit, we have identified a few trends to look out for before it's too late. Geopolitical unrest Although distributed denial-of-service (DDoS) attacks have steadily increased over the past 20 years, recent data firmly establishes the reality that network operators need to understand, prepare for, and expect attacks related to politics, religion, and ideology. Nation-state actors often directly target internet infrastructure to take out critical communications, e-commerce, and other vital infrastructure dependent on internet connectivity. This, of course, means targeting internet service provider (ISP) networks to hobble internet connectivity. Threat Prediction
Intigriti.webp 2023-02-09 11:15:15 How will the NIS2 Directive impact the European bug bounty market? (direct link) >The NIS2 Directive is due to be implemented across the EU by September next year. Find out how the legislation will impact the region's bug bounty and cybersecurity industry. In 2022, the bug bounty and crowdsourced security industry experienced a surge in its validation and growth across the globe due to supportive legislation. This trend […] Prediction ★★★
securityintelligence.webp 2023-02-08 14:00:00 What CISOs Should Know About Hacking in 2023 (direct link) >The art of cyber crime is in a constant state of flux and evolution. Simply staying on pace with these trends is a significant part of the CISO’s job. Today’s modern CISO must ensure they are always prepared for the next big trend and remain ahead of adversaries. As we begin to navigate 2023, the […] Prediction ★★★
Chercheur.webp 2023-02-07 22:16:16 KrebsOnSecurity in Upcoming Hulu Series on Ashley Madison Breach (direct link) KrebsOnSecurity will likely have a decent amount of screen time in an upcoming Hulu documentary series about the 2015 megabreach at marital infidelity site Ashley Madison. While I can't predict what the producers will do with the video interviews we shot, it's fair to say the series will explore tantalizing new clues as to who may have been responsible for the attack. Prediction ★★★
silicon.fr.webp 2023-02-07 08:09:44 ChatGPT: the web search battle has begun (direct link) Google, Baidu and Microsoft itself are stepping up their communication about their respective "AI + web search" strategies. Prediction ChatGPT ★★★
SocRadar.webp 2023-02-06 14:49:44 Microsoft Exchange Server Vulnerability Trend in 2022 (direct link) >By SOCRadar Research Microsoft Exchange Server, a widely used email and calendar server for businesses,... Vulnerability Prediction ★★
AlienVault.webp 2023-02-06 11:00:00 The ethics of biometric data use in security (direct link) The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. In a world where you can scan the veins in your hand to unlock a smartphone, how do you maintain control over personal data? Biometric authentication, the use of distinctive human features like iris patterns, fingerprints and even gait in lieu of a password, is gaining ground in the tech world. Proponents tout its inherent, hard-to-replicate qualities as a security benefit, while detractors see the same features as an invasion of privacy. Both sides may be right. The problems with biometrics Unlike a password, you can’t forget your face at home. But also, unlike a password, you can’t reset your face — meaning you’re out of luck if someone steals a photo of it. In 2016, a biometrics researcher helped investigators hack into a murder victim’s phone with only a photo of the man’s fingerprint. While security systems are getting more advanced all the time, current technology also allows cybercriminals to run wild with a single piece of biometric data, accessing everything from laptop logins to bank accounts. By its very nature, biometric authentication requires third parties to store biometric data. What happens if the information is exposed? In addition to potential hacking, breaching people’s personal data might reveal something they’d rather keep private. Vein patterns could reveal that a person has a vascular disorder, raising their insurance premiums. Fingerprints could expose a chromosomal disease. True, people give this same information to their doctors, and a medical data breach could have the same repercussions. But handing off biometric data to a commercial company — which isn’t bound by HIPAA or sworn to do no harm — is a much grayer area.
Another issue that occasionally plagues biometric authentication is injuries and natural bodily changes. A single paper cut can derail a fingerprint scanner, and an aging eye throws iris scanners for a loop. People will have to update their photos every few years to remind the system what they look like. Some facial recognition programs can even predict how long a person will live. Insurance companies have expressed interest in getting hold of this data, since the way a person ages says a lot about their health. If stolen biometric data fed into an algorithm predicts a person won’t make it past 50, will their employer pass them up for a promotion? In the event of an accident, your family won’t easily be able to access your accounts if you use biometric authentication, since it’s not as simple as writing down a list of passwords. Maybe that’s a good thing — but maybe not. Another ethical dilemma with biometric data use is identifying people without their consent. Most people are used to being on camera at the grocery store, but if that same camera snaps a photo without permission and stores it for later retrieval, they probably won’t be too happy. Some people point out that you have no right to privacy in a public space, and that’s true — to an extent. But where do you draw the line between publicity and paparazzi? Is it OK to snap a stranger’s photo while you’re talking to them, or is that considered rude and intrusive? The benefits of biometric data Of course, no one would be handing off a photo of their face if the Data Breach Hack Prediction Medical ★★
The_State_of_Security.webp 2023-02-06 03:03:36 What's in the Cards for Cybersecurity in 2023? (direct link) It's another new year and hence another occasion to predict how the cybersecurity landscape will evolve in 2023. Once again, it will be challenging, as most every year is, and could wind up being an unusually difficult 12 months because of multiple headwinds. One is that it has become clear that a huge increase in remote working is here to stay, if only because so many companies have adopted a durable hybrid policy – one that blends remote work with work in the office some weekdays. This is good for workers, who prefer to commute to work less, but not for corporate cybersecurity because remote... Prediction ★★★
Trend.webp 2023-02-06 00:00:00 (Déjà vu) Cloud-ready and Channel-first (direct link) Trend Micro named one of 2023's coolest cloud security companies Prediction
The_Hackers_News.webp 2023-02-03 17:42:00 Iranian OilRig Hackers Using New Backdoor to Exfiltrate Data from Govt. Organizations (direct link) The Iranian nation-state hacking group known as OilRig has continued to target government organizations in the Middle East as part of a cyber espionage campaign that leverages a new backdoor to exfiltrate data. "The campaign abuses legitimate but compromised email accounts to send stolen data to external mail accounts controlled by the attackers," Trend Micro researchers Mohamed Fahmy, Sherif Prediction APT 34 ★★
no_ico.webp 2023-02-03 15:06:57 OilRig Hackers Exfiltrate Data From Govt. Agencies Using New Backdoors (direct link) In an ongoing cyber espionage campaign that uses a new backdoor to exfiltrate data, the Iranian nation-state hacker group OilRig has continued to target Middle Eastern governments. Researchers at Trend Micro, Mohamed Fahmy, Sherif Magdy, and Mahmoud Zohdy, explained that the effort “abuses legitimate but hacked email accounts to deliver stolen data to external mail […] Prediction APT 34 ★★★
CrowdStrike.webp 2023-02-01 21:34:45 Using Artificial Intelligence and Machine Learning to Combat Hands-on-Keyboard Cybersecurity Attacks (direct link) Malware gets the headlines, but the bigger threat is hands-on-keyboard adversary activity which can evade traditional security solutions and present detection challenges Machine learning (ML) can predict and proactively protect against emerging threats by using behavioral event data. CrowdStrike's artificial intelligence (AI)-powered indicators of attack (IOAs) use ML to detect and predict adversarial patterns in […] Malware Threat Prediction ★★★
Netskope.webp 2023-02-01 07:00:00 The Environment as an Imperative (direct link) >About 15 months ago we made a prediction. “COP26 has been the most urgent we have seen yet, with governments, businesses, and individuals all hearing and responding to scientists' calls for expedient action to protect our ways of life. We will see this imperative running through RFPs and procurement choices in 2022, and I predict […] Prediction ★★
CVE.webp 2023-02-01 03:15:08 CVE-2023-0587 (direct link) A file upload vulnerability exists in Trend Micro Apex One server build 11110. Using a malformed Content-Length header in an HTTP PUT message sent to URL /officescan/console/html/cgi/fcgiOfcDDA.exe, an unauthenticated remote attacker can upload arbitrary files to the SampleSubmission directory (i.e., \PCCSRV\TEMP\SampleSubmission) on the server. The attacker can upload a large number of large files to fill up the file system on which the Apex One server is installed. Vulnerability Prediction
DarkReading.webp 2023-01-31 08:00:00 Predictions For Securing Today's Hybrid Workforce (direct link) Since requirements differ for users who work both from home and in the office, policies - and underlying technology - must adapt. Prediction ★★★
globalsecuritymag.webp 2023-01-30 13:58:02 Trend Micro mobilizes ethical hackers worldwide to identify vulnerabilities in connected vehicles (direct link) Embedded systems security. Trend Micro mobilizes ethical hackers worldwide to identify vulnerabilities in connected vehicles. To strengthen cybersecurity in this strategic field, the Zero Day Initiative is creating a dedicated bug bounty: Pwn2Own Automotive. - Business Prediction ★★
Blog.webp 2023-01-30 06:59:43 Analysis Report on Malware Distributed via Microsoft OneNote (direct link) This document is an analysis report on malware that is being actively distributed using Microsoft OneNote. The ASEC analysis team identified the rapidly increasing trend of OneNote malware distribution from November 2022 and has classified the malware according to the level of intricacy based on the screen that appears when the file is actually opened. These categories include ‘1) The type where malicious objects are hidden with simple block images’ and ‘2) The more intricately created malicious OneNote types’. Below... Malware Prediction ★★★★
AlienVault.webp 2023-01-26 11:00:00 Predicting which hackers will become persistent threats (direct link) The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the authors in this article. This blog was jointly written with David Maimon, Professor at Georgia State University. Website defacement Websites are central to business operations but are also the target of various cyber-attacks. Malicious hackers have found several ways to compromise websites, with the most common attack vector being SQL injection: the act of injecting malicious SQL code to gain unauthorized access to the server hosting the website. Once on the server, the hacker can compromise the target organization's website, and vandalize it by replacing the original content with content of their own choosing. This criminal act is referred to as website defacement. See Figure 1 for examples of past website defacements. Figure 1. Examples of past website defacements. While the act of vandalizing a website may seem trivial, it can be devastating for the victimized entities. If an e-commerce site is publicly compromised, for example, they suffer direct and indirect financial loss. The direct losses can be measured by the amount of revenue that would have been generated had the website not been compromised, and by the time and money spent to repair the damaged site. Indirect losses occur because of reputational damage. Potential customers may be deterred from providing their banking information to an organization portrayed and perceived as incapable of protecting their assets. Threat actors Unlike most forms of hacking, website defacement has a public-facing component.
Assailants are eager to get credit for their success in compromising websites and are notorious for bragging about their exploits across various platforms, including general social media (e.g., Facebook, Twitter, YouTube, etc.) and hacking-specific sites. The most popular platform on which hackers report successful defacements is Zone-H. Users of the platform upload evidence of their attack, and once the attack is verified by the site’s administrators, it is permanently housed in the archive and viewable on Zone-H’s webpage. Zone-H is the largest hacking archive in the world: over 15 million attacks have been verified by Zone-H thus far, with over 160,000 unique active users. The archive, as depicted in Figure 2, includes the hackers’ moniker, the attacked website's domain name, and an image of the defacement content (resembling the images depicted in Figure 1). Figure 2. Zone-H: The largest hacking archive in the world. Hackers tend to use the same moniker across platforms to bolster the reputation and status of their online identity, which allows for the gathering of digital artifacts and threat intelligence pertinent to the attack and attacker, respectively. Indeed, we have been systematically gathering data on active malicious hackers who report their successful defacements to Zone-H since 2017 and, in doing so, have uncovered several interesting findings that shed light on this underground community. For example, and in direct contrast to Hollywood’s stereotype of the lone actor, we observed an interconnected community of hackers who form teams and develop their skills through collaboration and camaraderie. We also found variation in hackers’ attack frequency: some hackers are extremely prolific and can be classified as persistent threats, while others only engage in a few attacks before disappearing. These finding Threat Prediction ★★
globalsecuritymag.webp 2023-01-26 10:15:36 Netscout: DDoS attacks mirroring increased global geopolitical tensions (direct link) As distributed-denial-of-service (DDoS*) attack volumes have gradually increased over the course of the last 20 years, recent data has firmly established the link between geopolitical conflicts and these types of cyberattacks. The most apparent example of this trend is the ongoing war between Russia and Ukraine. The war has resulted in 66 per cent** of businesses changing their cybersecurity strategies, and 82 per cent*** of security professionals today believe that geopolitics and cybersecurity are intrinsically linked. What's more, according to NETSCOUT's 1H2022 Threat Intelligence Report, since Russia invaded Ukraine nearly a year ago, cyberattacks have become increasingly featured as part of threat actors' attack methodology. - Malware Update Threat Prediction ★★
Trend.webp 2023-01-26 00:00:00 New Mimic Ransomware Abuses Everything APIs for its Encryption Process (direct link) Trend Micro researchers discovered a new ransomware that abuses the APIs of a legitimate tool called Everything, a Windows filename search engine developed by Voidtools that offers quick searching and real-time updates for minimal resource usage. Ransomware Tool Prediction ★★
CSO.webp 2023-01-25 11:06:00 Attackers move away from Office macros to LNK files for malware delivery (direct link) For years attackers have used Office documents with malicious macros as one of the primary methods of infecting computers with malware. Microsoft finally took steps to disable such scripts by default in documents downloaded from the internet, forcing many groups to change tactics and increasingly choose LNK (shortcut) files as a delivery mechanism. This trend has led to the creation of paid tools and services dedicated to building malicious LNK files. Some of these builders include MLNK Builder, Quantum Builder, Macropack, LNKUp, Lnk2pwn, SharPersist, and RustLnkBuilder, but their use can provide opportunities for easier detection by security products. Malware Prediction
knowbe4.webp 2023-01-24 18:14:53 (Déjà vu) 2022 Report Confirms Business-Related Phishing Emails Trend [INFOGRAPHIC] (direct link) KnowBe4's latest reports on top-clicked phishing email subjects have been released for 2022 and Q4 2022. We analyze 'in the wild' attacks reported via our Phish Alert Button, top subjects globally clicked on in phishing tests, top attack vector types, and holiday email phishing subjects. Prediction ★★★★★
Trend.webp 2023-01-24 00:00:00 Vice Society Ransomware Group Targets Manufacturing Companies (direct link) In this blog entry, we'd like to highlight our findings on Vice Society, which includes an end-to-end infection diagram that we were able to create using Trend Micro internal telemetry. Ransomware Prediction ★★
CVE.webp 2023-01-20 07:15:12 CVE-2022-48191 (direct link) A vulnerability exists in Trend Micro Maximum Security 2022 (17.7) wherein a low-privileged user can write a known malicious executable to a specific location and in the process of removal and restoral an attacker could replace an original folder with a mount point to an arbitrary location, allowing an escalation of privileges on an affected system. Vulnerability Prediction
Netskope.webp 2023-01-19 19:57:37 Cloud Threats Memo: Threat Actors Continue to Abuse Cloud Services to Deliver Malware in 2023 (direct link) >Our most recent Cloud and Threat Report highlighted how threat actors abuse cloud services (with a special focus on cloud storage apps) to deliver malicious content (and yes, OneDrive leads the chart of the most exploited apps). To confirm that this trend will likely continue in 2023, researchers at Trend Micro have discovered an active […] Malware Threat Guideline Prediction ★★★
Resecurity.webp 2023-01-19 17:00:00 Cybersecurity Predictions - 2023 (direct link) >Our most recent Cloud and Threat Report highlighted how threat actors abuse cloud services (with a special focus on cloud storage apps) to deliver malicious content (and yes, OneDrive leads the chart of the most exploited apps). To confirm that this trend will likely continue in 2023, researchers at Trend Micro have discovered an active […] Prediction ★★
The_Hackers_News.webp 2023-01-18 22:54:00 Earth Bogle Campaign Unleashes NjRAT Trojan on Middle East and North Africa (direct link) An ongoing campaign dubbed Earth Bogle is leveraging geopolitical-themed lures to deliver the NjRAT remote access trojan to victims across the Middle East and North Africa. "The threat actor uses public cloud storage services such as files[.]fm and failiem[.]lv to host malware, while compromised web servers distribute NjRAT," Trend Micro said in a report published Wednesday. Phishing emails, Threat Prediction ★★
DarkReading.webp 2023-01-18 18:10:00 KnowBe4 2022 Phishing Test Report Confirms Business-Related Emails Trend (direct link) KnowBe4 releases overall 2022 and Q4 2022 global phishing test reports and finds business-related emails continue to be utilized as a phishing strategy and reveal top holiday email phishing subjects. Prediction ★★
InfoSecurityMag.webp 2023-01-17 16:00:00 Earth Bogle Group Targets Middle East With NjRAT, Geopolitical Lures (direct link) Ongoing since at least mid-2022, the campaign was discovered by Trend Micro Prediction ★★★
Last update at: 2024-05-16 22:08:18