Day: February 6, 2023
GuLoader Malware Using Malicious NSIS Executable to Target E-Commerce Industry
6 February 2023Feb 06, 2023Ravie LakshmananCyber Attack / Endpoint Security E-commerce industries in South Korea and the U.S. are at the receiving end of an ongoing GuLoader malware campaign, cybersecurity firm Trellix disclosed late last month. The malspam activity is notable for transitioning away from malware-laced Microsoft Word documents to NSIS executable files for loading the malware. […]
Read More
Microsoft: Iranian Nation-State Group Sanctioned by U.S. Behind Charlie Hebdo Hack
6 February 2023Feb 06, 2023Ravie LakshmananHacktivist / Cyber Attack An Iranian nation-state group sanctioned by the U.S. government has been attributed to the hack of the French satirical magazine Charlie Hebdo in early January 2023. Microsoft, which disclosed details of the incident, is tracking the activity cluster under its chemical element-themed moniker NEPTUNIUM, which is an Iran-based […]
Read More
SaaS in the Real World: Who’s Responsible to Secure this Data?
6 February 2023When SaaS applications started growing in popularity, it was unclear who was responsible for securing the data. Today, most security and IT teams understand the shared responsibility model, in which the SaaS vendor is responsible for securing the application, while the organization is responsible for securing their data. What’s far murkier, however, is where the […]
Read More
OpenSSH Releases Patch for New Pre-Auth Double Free Vulnerability
6 February 2023Feb 06, 2023Ravie LakshmananAuthentication / Vulnerability The maintainers of OpenSSH have released OpenSSH 9.2 to address a number of security bugs, including a memory safety vulnerability in the OpenSSH server (sshd). Tracked as CVE-2023-25136, the shortcoming has been classified as a pre-authentication double free vulnerability that was introduced in version 9.1. “This is not believed […]
Read More
FormBook Malware Spreads via Malvertising Using MalVirt Loader to Evade Detection
6 February 2023Feb 06, 2023Ravie LakshmananMalvertising / Data Safety An ongoing malvertising campaign is being used to distribute virtualized .NET loaders that are designed to deploy the FormBook information-stealing malware. “The loaders, dubbed MalVirt, use obfuscated virtualization for anti-analysis and evasion along with the Windows Process Explorer driver for terminating processes,” SentinelOne researchers Aleksandar Milenkoski and Tom […]
Read More