Malware
Ivanti CEO Promises Stronger Security After a Year of Flaws
Ivanti CEO Jeff Abbott, in an open letter and a video, outlined the steps the embattled company is taking to improve its security ...
Security Boulevard
BunnyLoader Malware: Modular Features Help Evade Detection
Wajahat Raja | | BunnyLoader malware, credential harvesting, cryptocurrency theft, Cybercrime Trends, Cybersecurity News, cybersecurity threats, data theft, Infection chains, Malware Analysis, Malware Detection, Malware evasion tactics, Malware Evolution, Modular malware, Palo Alto Networks Unit 42
In the ever-evolving landscape of cybersecurity threats, a new variant of malware has emerged, posing significant challenges for detection and mitigation efforts. Known as BunnyLoader malware, it has recently undergone a transformation, ...
Biden Review Board Gives Microsoft a Big, Fat Raspberry
Richi Jennings | | Active Directory, Authentication, azure, Azure Active Directory, Azure AD, Azure security, cisa, CISA.gov, CSRB, Cyber Safety Review Board, Cybersecurity Infrastructure Security Administration, Entra ID, Exchange, Microsoft, Microsoft Azure, Microsoft Azure Active Directory, Microsoft Azure Security, Outlook.com, SB Blogwatch, Storm-0558
Storm-0558 forecast: Last year’s Chinese hack of federal agencies’ email is still a mystery, and “should never have occurred,” says CISA ...
Security Boulevard
XZ Utils Backdoor
The cybersecurity world got really lucky last week. An intentionally placed backdoor in XZ Utils, an open-source compression utility, was pretty much accidentally discovered by a Microsoft engineer—weeks before it would have ...
Sophos: Backups are in Ransomware Groups’ Crosshairs
Enterprises that ignore their data backups, in contemplating ransomware, do so at their own peril, according to cybersecurity firm Sophos. Protecting backups will significantly reduce the harm to a company hit by ...
Security Boulevard
The Cybersecurity Industry Starts Picking Through Malicious XZ Utils Code
The open source community, federal agencies and cybersecurity researchers are busy trying to get their hands around the security near-miss of the backdoor found in versions of the popular XZ Utils data ...
Security Boulevard
WordPress Sign1 Malware Infects Over 39K Sites In 6 Months
Wajahat Raja | | brute-force attacks, Cyber attack sequence, Cybersecurity News, cybersecurity threats, Evading detection techniques, Malicious code injection, Malicious JavaScript Injections, Malware Detection, Plugin vulnerabilities, Sucuri security, website compromise, Website Security, WordPress Sign1 malware
Recent media reports have revealed a malicious malware campaign that has been active for the past six months. Reports claim that the WordPress Sign1 malware has infected and compromised over 39,000 sites ...
‘Darcula’ PhaaS Campaign Sinks Fangs into Victims
A sprawling phishing-as-a-service (PhaaS) campaign that has been running since at least last summer is using more than 20,000 fake domains to target a wide range of organizations in more than 100 ...
Security Boulevard
PyPI Goes Quiet After Huge Malware Attack: 500+ Typosquat Fakes Found
Richi Jennings | | code reuse, open source software supply chain security, PyPI, PyPI malicious packages, pypi vuln, pypi vulnerability, python, Python Malware, Python Packages, Python vulnerability, SB Blogwatch, secure software supply chain, software supply chain, software supply chain attack, software supply chain attacks, software supply chain hygiene, Software supply chain management, software supply chain risk, Software Supply Chain risks, software supply chain security, Software Supply Chain Security Risks, Software Supply Chain Security Weaknesses, typosquat, Typosquatting, typosquatting attacks
Emergency stop button: The Python Package Index was drowning in malicious code again, so they had to shut down registration for cleanup ...
Security Boulevard
Industrial Enterprise Operational Technology Under Threat From Cyberattacks
One in four industrial enterprises had to temporarily cease operations due to cyberattacks within the past year, suggesting operational technology must improve ...
Security Boulevard