SolarWinds/SUNBURST Backdoor, Third-Party and Supply Chain Security

In episode 152 for December 21st 2020: A discussion about the SolarWinds Orion backdoor, third-party security, and the threat of supply chain attacks with co-host Kevin Johnson. ** Links mentioned on the ...
Visual Notes : SolarWinds Supply Chain compromise using SUNBURST backdoor (detected by FireEye)

First, let me be clear that I have no insider knowledge. This is my best guess at what occurred, based on publicly ...

Bitglass Security Spotlight: Popular Messaging App Exposes Users’ Private Data.

Here are the top stories of recent weeks: Go SMS Pro Users’ Private Data Leaked; Ransomware Hits Hosting Provider, Managed.com; Cryptocurrency Exchange Portal Experiences Security Breach; Capcom Confirms Data Breach via Ransomware ...
Ginp Banking Trojan Exploits Covid-19 Fears

Even the staunchest digital puritans have been spurred to click on a thing or two due to FOMO or ‘fear of missing out’. Our natural, healthy fear of missing out on something ...
Why You Should Monitor Your Website

In an effort to maintain unauthorized access or profit off a website’s environment long after an initial compromise, attackers commonly leverage a variety of different techniques and tactics. These techniques range from ...

Top Security Trends for 2021 (and What They Mean for You)

2020 was a crazy year, and one none of us is likely to forget. But as we look ahead to 2021, here are five cybersecurity predictions and trends we think everyone should ...
Malware Dropper Takes Advantage of COVID-19 Pandemic

Since April, our team has been tracking the spread of a PHP malware dropper. It’s impacting unsuspecting victims who thought they were downloading mapping software to monitor the spread of the ...

New Malware Arsenal Abusing Cloud Platforms in Middle East Espionage Campaign

The Cybereason Nocturnus Team has identified an active espionage campaign employing three previously unidentified malware variants that use Facebook, Dropbox, Google Docs and Simplenote for command & control and the exfiltration of ...

Fake WordPress Functions Conceal assert() Backdoor

A few weeks ago, I was manually inspecting some files on a compromised website. While checking on a specific WooCommerce file, I noticed something interesting. Among 246 other lines, this very specific ...