Back to School Reminder - Keep Your Mac Clean!

Threat Research
Key points from our research: Around early-mid August, we noticed an increase in macOS malware detections, specifically AdLoad and UpdateAgent in IronDome, in the education sector. This timing correlates with students returning to school, therefore bringing their personal (infected) devices to school networks, and is likely the cause of this ...

Key Findings from Defending the NOC at Black Hat Europe 2022

Cybersecurity
Key Points: IronNet’s detections during the Black Hat Europe conference revealed not only several active malware infections – such as the Arechclient2 info-stealer – but also exposed a series of poor security practices by attendees that could have led to severe follow-on compromises in both the Black Hat network and ...

The security risk of M&A: Are Chinese cyber threats lurking in legacy infrastructure?

Threat Research
Key points: In late August 2022, IronNet Threat Research discovered a malicious cyber intrusion by a highly sophisticated, likely China-based threat actor in the network of a U.S. software company. It is suspected the threat actor was conducting staging activity, possibly to exploit the lower security posture over the upcoming ...

The complexities of serverless security

serverless
Serverless computing is a cloud-native model that allows developers to write code and deploy applications without needing to manage servers and other infrastructure running the services. Though you’re technically still working with servers, there’s also a cloud provider managing and provisioning the infrastructure on your behalf. ...

Cyber Attacks on the Power Grid

Threat Research
Given the recent news of Industroyer2 targeting Ukrainian electrical substations in April 2022 and the increased threat of cyber attacks on energy infrastructure, IronNet Threat Research took an interest in breaking down and analyzing past malware and threat actors that have targeted the various stages of the energy supply chain, ...

Tracking Cobalt Strike Servers Used in Cyberattacks on Ukraine

Threat Research
On April 18, 2022, CERT-UA published alert #4490, which describes a malicious email campaign targeting Ukraine. The email attempts to deploy a Cobalt Strike beacon on the victim's system through the use of an MS Office macro. In the alert, CERT-UA provides a list of indicators of compromise (IoCs), including ...

Contrast Serverless detects malware in AWS Lambda functions

Two weeks ago, Cado Security released an analysis of Denonia, claiming it to be the first publicly known case of malware specifically designed to execute in an AWS Lambda environment. Denonia derives its name from the domain that the malicious code used to communicate with. The Golang-based malicious code runs crypto-mining ...

Contrast Security does it again, keeping your serverless applications safe from Spring vulnerabilities

Another weakness in the supply chain puts thousands of organizations at risk for cyber attacks ...