Malware
Techstrong TV: How to Prepare for Highly Destructive Malware
With cyberattacks on the rise with Microsoft’s warning of a highly destructive form of malware in Ukraine and White Rabbit being linked to FIN8, Tim Van Ash, Sr. VP of Product and ...
The Analyst Prompt #15: Network Environment-Focused Conversations Needed in Approaches to Cyber Security
Exploit Tools and Targets: Enhance Third-Party Risk Management to Mitigate Multi-Targeted Approach. Third-party attacks, or supply chain attacks, occur when a trusted software, vendor, or other external company property or personnel is ...
Long Term Analysis Illustrates How Risk Posed by a Vulnerability Changes as Exploits Develop Over Time
Introduction: Vulnerability management is a popular cybersecurity strategy prioritizing known weaknesses. Much cybersecurity analysis focuses on a particular threat at a specific point in time, covering a narrow window of activity as ...
The Power of Provenance: From Reactive to Proactive Cybersecurity
While next-gen firewalls (NGFW), extended detection and response (XDR) and other security solutions do a great job of detecting and thwarting cyberattacks, it’s just too common for a sneaky or camouflaged threat ...
Malware Families Love Telegram, Discord as Much as Users
Messaging apps like Discord and Telegram have become a conduit for malware, as their popularity grows among users who want to create and share programs on the platforms. These bots may facilitate ...
Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of August 1, 2022
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us ...
APT29 Leverages Google Drive, Dropbox to Evade Detection
Call them Cozy Bear or APT29 or Nobelium or, as Palo Alto Networks’ Unit 42 does, Cloaked Ursa—no matter what name they go by, Russia’s Intelligence Service is still at it, this ...
Threat Actors Circumvent Microsoft Efforts to Block Macros
Microsoft’s announcement that it would block macros in Microsoft Office apps by default didn’t stop threat actors—they have simply resorted to new tricks. “Threat actors across the landscape responded by shifting away ...
Filters, Protects, Blocks: 3 Ways A DNS Ensures Safer Online Experience
A DNS, or ‘Domain Name System’, is another one of those systems that get...
Emotet Downloader Document Uses Regsvr32 for Execution
Executive Summary: This paper investigates a recent Emotet intrusion and details how the final Emotet payload is installed onto the system. The key observations are: Obfuscated Excel macros used to download and ...