North Korea-linked TA444 group turns to credential harvesting activity

GlobalDefenseBot 25 January

3 minutes

North Korea-linked TA444 group is behind a credential harvesting campaign targeting a number of industry verticals. Proofpoint researchers reported that North Korea-linked TA444 APT group (aka APT38, BlueNoroff, Copernicium, and Stardust Chollima) is behind a credential harvesting campaign targeting a number of industry verticals. APT38 appears to be a North Korea-linked group separate from the infamous Lazarus group, […]

The post North Korea-linked TA444 group turns to credential harvesting activity appeared first on Security Affairs.

[SANS ISC] A First Malicious OneNote Document

CySecBot 25 January

1 minute

I published the following diary on isc.sans.edu: “A First Malicious OneNote Document“: Attackers are always trying to find new ways to deliver malware to victims. They recently started sending Microsoft OneNote files in massive phishing campaigns. OneNote files (ending the extension “.one”) are handled automatically by computers that have the

The post [SANS ISC] A First Malicious OneNote Document appeared first on /dev/random.

Best Free Antivirus Software

CySecBot 25 January

10 minutes

We tested and researched the best free antivirus software and found the right ones for your needs. These picks are 100% free, not free trials.

[Security Masterminds] Breaking It Down to Bits & Bytes: Analyzing Malware To Understand the Cybercriminal

CySecBot 25 January

1 minute

In our latest episode of Security Masterminds, we have the pleasure of interviewing Roger Grimes, Data-Driven Defense Evangelist for KnowBe4, who has held various roles throughout his career. In the episode, Roger discusses his early days of m…

AsyncRAT Analysis with ChatGPT

CySecBot 25 January

1 minute

As cyber threats continue to evolve and become more sophisticated, it’s crucial for security researchers and professionals…
The post AsyncRAT Analysis with ChatGPT appeared first on Quick Heal Blog | Latest computer security news, tips, …

breaking news

DragonSpark threat actor avoids detection using Golang source code Interpretation

GlobalDefenseBot 25 January

3 minutes

Chinese threat actor tracked as DragonSpark targets organizations in East Asia with a Golang malware to evade detection. SentinelOne researchers spotted a Chinese-speaking actor, tracked as DragonSpark, that is targeting organizations in East Asia. The attackers employed an open source tool SparkRAT along with Golang malware that implements an uncommon technique to evade detection. “The threat […]

The post DragonSpark threat actor avoids detection using Golang source code Interpretation appeared first on Security Affairs.

What makes small and medium-sized businesses vulnerable to BEC attacks

CySecBot 25 January

1 minute

According to the FBI’s 2021 Internet Crime Report, business email compromise (BEC) accounted for almost a third of the country’s $6.9 billion in cyber losses that year – around $2.4 billion. In surprisingly sharp contrast, ransomware attacks accounted …

Hackers Using Sliver Framework as an Alternative to Cobalt Strike & Metasploit

CySecBot 25 January

1 minute

Silver is an open-source command-and-control framework that is becoming increasingly popular among malicious actors at current attacks. As threat actors are opting for this option since it offers a viable alternative to commercial tools such as:- Desig…

Recent rise in SEO poisoning attacks compromise brand reputations

CySecBot 24 January

1 minute

A new research report from SentinelOne exposes a SEO poisoning attack campaign that hijacks brand names in paid search ads.
The post Recent rise in SEO poisoning attacks compromise brand reputations appeared first on TechRepublic.

Companies slow to “mask up” with zero trust cybersecurity protocols

CySecBot 24 January

1 minute

A new study by Gartner predicts that by 2026 just 10% of companies will have zero-trust protocols in place against cybersecurity exploits.
The post Companies slow to “mask up” with zero trust cybersecurity protocols appeared first on TechRepublic.