The AI-powered cyberattack era is here
Prognosticators have been prognosticating for 20 years about a future in which hackers use AI to breach networks, steal data, and socially engineer credulous employees. And like so many AI-related futurisms in the age of LLM-based generative AI, this prediction is coming true. Anthropic reported last week that a hacker used its technology for an […]

IT threat evolution Q1 2019
Targeted attacks and malware campaigns Go Zebrocy Zebrocy was first observed being used as a Sofacy backdoor in 2015. However, the collection of cases where this tool has been used mean that we consider it a subset of activity in its own right. On the basis of this threat actor’s past behaviour, we predicted last […]

APT review of the year
What were the most interesting developments in terms of APT activity throughout the year and what can we learn from them? Not an easy question to answer; everybody has partial visibility and it’s never possible to really understand the motivations of some attacks or the developments behind them. Still, with the benefit of hindsight, let’s […]

8 steps to regaining control over shadow IT
A dangerous practice on the rise “Shadow IT” refers to the too-common practice whereby managers select and deploy cloud services without the consent or even the knowledge of the IT department. These services act as extensions of the corporation but are steered entirely by groups that lack the knowledge or process to […]

EyePyramid and a Lesson on the Perils of Attribution
In the past weeks, information-stealing malware EyePyramid made headlines after it was used to steal 87GB of sensitive data from government offices, private companies and public organizations. More than 100 email domains and 18,000 email accounts were targeted, including those of high-profile victims in Italy, the U.S., Japan and Europe. The natural assumption for many […]

SINOWAL Attempts To Disable Rapport, Aid ZBOT
The year might be coming to a close but we’re still seeing our 2013 predictions come true. We encountered an attack that featured an old malware with new routines. This malware, detected as BKDR_SINOWAL.COP specifically attempts to disable the Rapport software from Trusteer. [Figure 1. Code that looks for the Trusteer Rapport module] Rapport is software […]

Observations on the Evolution of Cyber Tactics in 2013
“There is one thing stronger than all the armies in the world, and that is an idea whose time has come.” – Victor Hugo The world has reached a point of inflection in cybercrime. As cyberspace abounds with cyber privateers, and many nations of the world become havens for these modern-day pirates, it appears that […]

More information
- IE Exploit Added to Neutrino After Experts Publish PoC
- IBM Warns of New CoreBot Stealer
- $29.99 for the IT Security & Ethical Hacking Certification Training ($1,895 value) – Deal Alert
- Unix: Book Review — Absolute OpenBSD: Unix for the Practical Paranoid by Michael W. Lucas, Open Starch Press, 2013
- Mirai Widens Distribution with New Trojan that Scans More Ports
- Security myths that can make you laugh… or cry
- Microsoft Edge Scripting Engine CVE-2017-11909 Remote Memory Corruption Vulnerability
- Deep Instinct Raises $43 Million in Series C Funding Round
- Decyphering the Noise Around ‘Meltdown’ and ‘Spectre’
- Facebook Flaws Exposed Friend Lists, Payment Card Data