VTPRACTITIONERS{ACRONIS}: Tracking FileFix, Shadow Vector, and SideWinder
Introduction We have recently started a new blog series called #VTPRACTITIONERS. This series aims to share with the community what other practitioners are able to research using VirusTotal from a technical point of view. Our first blog saw our colleagues at SEQRITE tracking UNG0002, Silent Lynx, and DragonClone. In this new post, Acronis Threat Research […]

Inside of the WASP’s nest: deep dive into PyPI-hosted malware
In late 2022 we decided to start monitoring PyPI, arguably the most important Python repository, as there were a number of reports on it hosting malware. PyPI took exceptional relevance amongst all repositories as, historically, it was trusted by default by many software developers. Any security breach or abuse […]

APT43: An investigation into the North Korean group’s cybercrime operations
Introduction As recently reported by our colleagues at Mandiant, APT43 is a threat actor believed to be associated with North Korea. APT43’s main targets include governmental institutions, research groups, think tanks, business services, and the manufacturing sector, with most victims located in the United States and South Korea. The group uses a variety of techniques and […]

More information
- Microsoft Windows Uniscribe CVE-2017-0125 Information Disclosure Vulnerability
- DigitalOcean Discloses Impact From Recent Mailchimp Cyberattack
- CISO Conversations: Steve Katz, the World’s First CISO
- PayPal Warns 35,000 Users of Credential Stuffing Attacks
- Debunking the Top User Experience, Security, and Fraud Myths
- Pentest-as-a-Service Company Cobalt Raises $29 Million
- CrossTalk: First Speculative Execution Attack Allowing Data Leaks Across Intel CPU Cores
- Google Chrome will warn you when it’s been hijacked
- ISIS (ACOM & BCOM) and IBIS (CCOM) Vendor Fixes – May 19
- EMV transition will still leave security gaps