Month: January 2023

You Don’t Know Where Your Secrets Are

31 January 2023

Do you know where your secrets are? If not, I can tell you: you are not alone. Hundreds of CISOs, CSOs, and security leaders, whether from small or large companies, don’t know either. No matter the organization’s size, the certifications, tools, people, and processes: secrets are not visible in 99% of cases. It might sound […]


New Report Reveals NikoWiper Malware That Targeted Ukraine Energy Sector

31 January 2023

Jan 31, 2023Ravie LakshmananCyber War / Malware The Russia-affiliated Sandworm used yet another wiper malware strain dubbed NikoWiper as part of an attack that took place in October 2022 targeting an energy sector company in Ukraine. “The NikoWiper is based on SDelete, a command line utility from Microsoft that is used for securely deleting files,” […]


Researchers Uncover Packer Used by Several Malware to Evade Detection for 6 Years

31 January 2023

Jan 31, 2023Ravie LakshmananThreat Detection / Malware A shellcode-based packer dubbed TrickGate has been successfully operating without attracting notice for over six years, while enabling threat actors to deploy a wide range of malware such as TrickBot, Emotet, AZORult, Agent Tesla, FormBook, Cerber, Maze, and REvil over the years. “TrickGate managed to stay under the […]


QNAP Fixes Critical Vulnerability in NAS Devices with Latest Security Updates

31 January 2023

Jan 31, 2023Ravie LakshmananData Security / Vulnerability Taiwanese company QNAP has released updates to remediate a critical security flaw affecting its network-attached storage (NAS) devices that could lead to arbitrary code injection. Tracked as CVE-2022-27596, the vulnerability is rated 9.8 out of a maximum of 10 on the CVSS scoring scale. It affects QTS 5.0.1 […]


GitHub Breach: Hackers Stole Code-Signing Certificates for GitHub Desktop and Atom

31 January 2023

Jan 31, 2023Ravie LakshmananSecurity Incident / Encryption GitHub on Monday disclosed that unknown threat actors managed to exfiltrate encrypted code signing certificates pertaining to some versions of GitHub Desktop for Mac and Atom apps. As a result, the company is taking the step of revoking the exposed certificates out of abundance of caution. The following […]


Titan Stealer: A New Golang-Based Information Stealer Malware Emerges

30 January 2023

Jan 30, 2023Ravie LakshmananThreat Detection / Malware A new Golang-based information stealer malware dubbed Titan Stealer is being advertised by threat actors through their Telegram channel. “The stealer is capable of stealing a variety of information from infected Windows machines, including credential data from browsers and crypto wallets, FTP client details, screenshots, system information, and […]


Realtek Vulnerability Under Attack: 134 Million Attempts in 2 Months to Hack IoT Devices

30 January 2023

Jan 30, 2023Ravie Lakshmanan Researchers are warning about a spike in exploitation attempts weaponizing a critical remote code execution flaw in Realtek Jungle SDK since the start of August 2022. According to Palo Alto Networks Unit 42, the ongoing campaign is said to have recorded 134 million exploit attempts as of December 2022, with 97% […]


Gootkit Malware Continues to Evolve with New Components and Obfuscations

29 January 2023

Jan 29, 2023Ravie LakshmananCyber Threat / Malware The threat actors associated with the Gootkit malware have made “notable changes” to their toolset, adding new components and obfuscations to their infection chains. Google-owned Mandiant is monitoring the activity cluster under the moniker UNC2565, noting that the usage of the malware is “exclusive to this group.” Gootkit, […]


Microsoft Urges Customers to Secure On-Premises Exchange Servers

28 January 2023

Jan 28, 2023Ravie LakshmananEmail Security / Cyber Threat Microsoft is urging customers to keep their Exchange servers updated as well as take steps to bolster the environment, such as enabling Windows Extended Protection and configuring certificate-based signing of PowerShell serialization payloads. “Attackers looking to exploit unpatched Exchange servers are not going to go away,” the […]


Eliminating SaaS Shadow IT is Now Available via a Self-Service Product, Free of Charge

28 January 2023

Jan 28, 2023The Hacker News The use of software as a service (SaaS) is experiencing rapid growth and shows no signs of slowing down. Its decentralized and easy-to-use nature is beneficial for increasing employee productivity, but it also poses many security and IT challenges. Keeping track of all the SaaS applications that have been granted […]
