Month: January 2023
You Don’t Know Where Your Secrets Are
31 January 2023Do you know where your secrets are? If not, I can tell you: you are not alone. Hundreds of CISOs, CSOs, and security leaders, whether from small or large companies, don’t know either. No matter the organization’s size, the certifications, tools, people, and processes: secrets are not visible in 99% of cases. It might sound […]
Read More
New Report Reveals NikoWiper Malware That Targeted Ukraine Energy Sector
31 January 2023Jan 31, 2023Ravie LakshmananCyber War / Malware The Russia-affiliated Sandworm used yet another wiper malware strain dubbed NikoWiper as part of an attack that took place in October 2022 targeting an energy sector company in Ukraine. “The NikoWiper is based on SDelete, a command line utility from Microsoft that is used for securely deleting files,” […]
Read More
Researchers Uncover Packer Used by Several Malware to Evade Detection for 6 Years
31 January 2023Jan 31, 2023Ravie LakshmananThreat Detection / Malware A shellcode-based packer dubbed TrickGate has been successfully operating without attracting notice for over six years, while enabling threat actors to deploy a wide range of malware such as TrickBot, Emotet, AZORult, Agent Tesla, FormBook, Cerber, Maze, and REvil over the years. “TrickGate managed to stay under the […]
Read More
QNAP Fixes Critical Vulnerability in NAS Devices with Latest Security Updates
31 January 2023Jan 31, 2023Ravie LakshmananData Security / Vulnerability Taiwanese company QNAP has released updates to remediate a critical security flaw affecting its network-attached storage (NAS) devices that could lead to arbitrary code injection. Tracked as CVE-2022-27596, the vulnerability is rated 9.8 out of a maximum of 10 on the CVSS scoring scale. It affects QTS 5.0.1 […]
Read More
GitHub Breach: Hackers Stole Code-Signing Certificates for GitHub Desktop and Atom
31 January 2023Jan 31, 2023Ravie LakshmananSecurity Incident / Encryption GitHub on Monday disclosed that unknown threat actors managed to exfiltrate encrypted code signing certificates pertaining to some versions of GitHub Desktop for Mac and Atom apps. As a result, the company is taking the step of revoking the exposed certificates out of abundance of caution. The following […]
Read More
Titan Stealer: A New Golang-Based Information Stealer Malware Emerges
30 January 2023Jan 30, 2023Ravie LakshmananThreat Detection / Malware A new Golang-based information stealer malware dubbed Titan Stealer is being advertised by threat actors through their Telegram channel. “The stealer is capable of stealing a variety of information from infected Windows machines, including credential data from browsers and crypto wallets, FTP client details, screenshots, system information, and […]
Read More
Realtek Vulnerability Under Attack: 134 Million Attempts in 2 Months to Hack IoT Devices
30 January 2023Jan 30, 2023Ravie Lakshmanan Researchers are warning about a spike in exploitation attempts weaponizing a critical remote code execution flaw in Realtek Jungle SDK since the start of August 2022. According to Palo Alto Networks Unit 42, the ongoing campaign is said to have recorded 134 million exploit attempts as of December 2022, with 97% […]
Read More
Gootkit Malware Continues to Evolve with New Components and Obfuscations
29 January 2023Jan 29, 2023Ravie LakshmananCyber Threat / Malware The threat actors associated with the Gootkit malware have made “notable changes” to their toolset, adding new components and obfuscations to their infection chains. Google-owned Mandiant is monitoring the activity cluster under the moniker UNC2565, noting that the usage of the malware is “exclusive to this group.” Gootkit, […]
Read More
Microsoft Urges Customers to Secure On-Premises Exchange Servers
28 January 2023Jan 28, 2023Ravie LakshmananEmail Security / Cyber Threat Microsoft is urging customers to keep their Exchange servers updated as well as take steps to bolster the environment, such as enabling Windows Extended Protection and configuring certificate-based signing of PowerShell serialization payloads. “Attackers looking to exploit unpatched Exchange servers are not going to go away,” the […]
Read More
Eliminating SaaS Shadow IT is Now Available via a Self-Service Product, Free of Charge
28 January 2023Jan 28, 2023The Hacker News The use of software as a service (SaaS) is experiencing rapid growth and shows no signs of slowing down. Its decentralized and easy-to-use nature is beneficial for increasing employee productivity, but it also poses many security and IT challenges. Keeping track of all the SaaS applications that have been granted […]
Read More