What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-08-17 05:34:56 | FireEye Launches XDR Platform to Help Security Operations Teams (lien direct) | FireEye has launched FireEye XDR, a unified platform designed to help security operations teams strengthen threat detection, accelerate response capabilities, and simplify investigations. | Threat | ★★★★★ | |
|
2020-05-01 14:32:41 | Threat Horizon 2022: Cyber Attacks Businesses Need to Prepare for Now (lien direct) | Information security professionals are facing increasingly complex threats-some new, others familiar but evolving. | Threat | ||
|
2019-09-11 09:33:00 | New Passive RFID Tech Poses Threat to Enterprise IoT (lien direct) | The accelerating pace of RFID tech will make our lives more convenient. With greater convenience, however, comes a greater need for security solutions. | Threat | ||
|
2019-05-08 14:53:04 | Answering Tough Questions About Network Metadata and Zeek (lien direct) | As security operations teams search for the best threat data to analyze in their data lakes, network metadata often lands in the category of being just right. | Threat | ||
|
2019-05-06 12:11:00 | Qakbot Trojan Updates Persistence, Evasion Mechanism (lien direct) | The Qakbot banking Trojan has updated its persistence mechanism in recent attacks and also received changes that potentially allow it to evade detection, Talos' security researchers say. Also known as Qbot and Quakbot, the Trojan has been around for nearly a decade, and has received a variety of changes over time to remain a persistent threat, although its functionality remained largely unaltered. Known for the targeting of businesses to steal login credentials and eventually drain their bank accounts, the malware has received updates to the scheduled task it uses to achieve persistence on the infected systems, which also allows it to evade detection. The Trojan typically uses a dropper to compromise a victim's machine. During the infection process, a scheduled task is created on the victim machine to execute a JavaScript downloader that makes a request to one of several hijacked domains. A spike in requests to these hijacked domains observed on April 2, 2019 (which follows DNS changes made to them on March 19) suggests that the threat actor has made updates to the persistence mechanism only recently, in preparation for a new campaign. The downloader requests the URI "/datacollectionservice[.]php3." from the hijacked domains, which are XOR encrypted at the beginning of the JavaScript. The response is also obfuscated, with the transmitted data saved as (randalpha)_1.zzz and (randalpha)_2.zzz and decrypted using a code contained in the JavaScript downloader. At the same time, a scheduled task is created to execute a batch file. The code reassembles the Qakbot executable from the two .zzz files, using the type command, after which the two .zzz files are deleted. The changes in the infection chain make it more difficult for traditional anti-virus software to detect attacks, and the malware may easily be downloaded onto target machine, given that it is now obfuscated and saved in two separate files. “Detection that is focused on seeing the full transfer of the malicious executable would likely miss this updated version of Qakbot. Because of this update to persistence mechanisms, the transfer of the malicious Qbot binary will be obfuscated to the point that some security products could miss it,” Talos concludes. Related: Qakbot, Emotet Increasingly Targeting Business Users: Microsoft Related: Qbot Infects Thousands in New Campaign | Malware Threat | ||
|
2019-02-26 10:02:02 | WINDSHIFT Hackers Target Government Agency in the Middle East (lien direct) | A recently discovered threat actor was observed targeting a Middle Eastern government agency on several occasions over the course of last year, Palo Alto Networks security researchers reveal. | Threat | ||
|
2019-02-15 05:15:00 | A Call to Structure (lien direct) | One of the most significant challenges you face when building a threat Intelligence team is about how to best take on the ever-growing amount of Threat Intel. | Threat | ||
|
2019-01-17 09:21:05 | Four Technologies that will Increase Cybersecurity Risk in 2019 (lien direct) | While advances in technology provide many benefits, they also open new threat vectors and the potential for attacks that can spread quickly over connected ecosystems. | Threat | ||
|
2018-12-04 05:25:02 | 5 Cybersecurity Predictions for 2019 (lien direct) | The year is coming to a close. Therefore, it is important to analyze developing trends and prepare for the ever-changing threat landscape. | Threat | ||
|
2018-10-09 06:51:00 | Ransomware: Keep Safe and Stay Safe (lien direct) | Ransomware may not be the threat it once was, but it still poses a risk to the files and systems of businesses everywhere. | Ransomware Threat | ||
|
2018-09-24 14:48:01 | What Exactly is Threat Hunting - and Why Does it Matter? (lien direct) | Though there is debate over the various attributes that make up threat hunting, every SOC has the potential to engage in some level of hunting – and taking action is what's truly important. | Threat | ||
|
2018-08-28 09:13:00 | How Full Admin Rights Could Pose a Threat to Your Business (lien direct) | Having unrestricted admin rights in place poses a significant risk of privilege escalation attacks and lateral movement. | Threat | ||
|
2018-08-02 10:40:00 | Cryptojacking – More than a Nuisance, It Poses a Serious Threat to Data Centers (lien direct) | Pre-execution security technologies coupled with core antimalware technologies can effectively detect and not just block the cryptojacking payload, but also prevent the attack from occurring. | Threat | ||
|
2018-07-26 13:27:00 | Plug Your Cloud Cybersecurity Holes (lien direct) | Threat detection and analytics are only as effective as the granularity the network infrastructure provides for packet access. | Threat | ||
|
2018-07-03 00:29:00 | Navigating Dangerous Waters: the Maritime Industry\'s New Cybersecurity Threat as Technology Innovation Grows (lien direct) | Here is how the maritime industry can overcome cybersecurity challenges to enter the next generation of shipping. | Threat | ★★★★ |
1
We have: 15 articles.
We have: 15 articles.
To see everything:
Our RSS (filtrered)
