OilRig APT Drills into Malware Innovation with Unique Backdoor
The RDAT tool uses email as a C2 channel, with attachments that hide data and commands inside images.
Apple Security Research Device Program Draws Mixed Reactions
Apple’s Security Research Device program is now open to select researchers – but some are irked by the program’s vulnerability disclosure restrictions.
Lazarus Group Surfaces with Advanced Malware Framework
The North Korean APT has been using the framework, called MATA, for a number of purposes, from spying to financial gain.
Going Down the Spyware Rabbit Hole with SilkBean Mobile Malware
An Android spyware attack was recently discovered that targeted the Uyghur ethnic minority group – since 2013.
Leak Exposes Private Data of Genealogy Service Users
An exposed ElasticSearch server belonging to Software MacKiev put 60,000 users of Ancestry.com’s Family Tree Maker software at risk.
Group Replication SYSTEM messages in the error log
Group Replication enables you to create fault-tolerant systems with redundancy by replicating the system state to a set of servers. Even if some of the servers subsequently fail, as long it is not all or a majority, the system is still available.…
MATA: Multi-platform targeted malware framework
As the IT and OT environment becomes more complex, adversaries are quick to adapt their attack strategy. For example, as users’ work environments diversify, adversaries are busy acquiring the TTPs to infiltrate systems. Recently, we reported to our Threat Intelligence Portal customers a similar malware framework that internally we called MATA. The MATA malware framework…
Emotet Returns in Malspam Attacks Dropping TrickBot, QakBot
Emotet has resurfaced after a five-month hiatus, with more than 250,000 malspam messages being sent to email recipients worldwide.
Chris Vickery: AI Will Drive Tomorrow’s Data Breaches
Chris Vickery talks about his craziest data breach discoveries and why “vishing” is the next top threat no one’s ready for.
Critical Adobe Photoshop Flaws Patched in Emergency Update
Adobe issued out-of-band patches for critical flaws tied to 12 CVEs in Photoshop and other applications.