New Malware Takes Commands From Memes Posted On Twitter
Security researchers have discovered yet another example of how cybercriminals disguise their malware activities as regular traffic by using legitimate cloud-based services. Trend Micro researchers have uncovered a new piece of malware that retrieves commands from memes posted on a Twitter accoun...
If China Hacked Marriott, 2014 Marked a Full-on Assault
It increasingly appears that China was behind the Marriott hack, making 2014 a landmark year in cyberattacks against the US...
NRCC Email Hack Highlights Lack of Visibility & Proactive Threat Hunting at Political Organizations
Earlier this week, Politico reported that the National Republican Congressional Committee (NRCC) suffered a major attack prior to the 2018 U.S. midterm elections, with thousands of sensitive emails from four senior aides exposed to an outside intruder. While the impact of this breach is still...
8 Ways to Avoid the Cybersecurity Grinch This Holiday Season
'Tis the season to be jolly…unless you work in cybersecurity. According to the Carbon Black Threat Analysis Unit (TAU), organizations should expect to see a spike in potential cyberattacks starting with Black Friday/Cyber Monday and continuing through the holiday shopping season. TAU’s analysis...
USPS, Amazon Data Leaks Showcase API Weaknesses
The annual holiday buying bonanza has officially kicked off for 2018, and, as if on cue, a pair of security incidents at two of the most-used services this time of year – the U.S. Postal Service and Amazon – showed up to remind us of the dangers of shopping season. Both hinged on improper API use...
What Happened to Cyber 9/11?
A recent article in the Atlantic asks why we haven't seen a "cyber 9/11" in the past fifteen or so years. I, too, remember the increasingly frantic and fearful warnings of a "cyber Pearl Harbor," "cyber Katrina" -- when that was a thing -- or "cyber 9/11." I made fun of those warnings back then. Th...
Utilities, Energy Sector Attacked Mainly Via IT, Not ICS
While industrial control systems (ICS) are the most talked-about when it comes to cyberattacks against energy and utilities firms, most attacks actually take aim at the enterprise IT networks used by these organizations, rather than critical infrastructure itself. The Vectra 2018 Spotlight Report o...
New AI system DARKMENTION will detect upcoming cyberattacks from dark web
By Waqas. Cybersecurity is one of the primary concerns of internet users nowadays, which includes commercial and governmental organizations as well. Recent, large-scale data breaches at Gmail, Equifax, Facebook, Google+, Cathay Pacific Airways, and Yahoo, etc., have made it clear that the bigger th...
Chinese Threat Actors Indicted For Stealing Aviation Trade Secrets
Hot on the heels of the Carbon Black Quarterly IR Threat Report, specifically calling out increased cybercrime activity from China, the US Department of Justice has indicted ten Chinese Nationals for perpetrating attacks against U.S. and French aviation companies in a stunning display of state...
Tracking Tick Through Recent Campaigns Targeting East Asia
This blog post is authored by Ashlee Benge and Jungsoo An, with contributions from Dazhuo Li. Summary: Since 2016, an advanced threat group that Cisco Talos is tracking has carried out cyberattacks against South Korea and Japan. This group is known by several different names: Tick, Redbaldknight a...
New Drupalgeddon Attacks Enlist Shellbot to Open Backdoors
Researchers are warning of a new wave of cyberattacks targeting unpatched Drupal websites that are vulnerable to Drupalgeddon 2.0. What’s unique about this latest series of attacks is that adversaries are using PowerBot malware, an IRC-controlled bot also called PerlBot or Shellbot. Researchers a...
ThreatList: Microsoft IIS Sees Triple-Digit Spike in Cyberattack Volume
Internet Information Services (IIS), an extensible web server originally created by Microsoft for use with the Windows NT family, saw a whopping 782x increase in cyberattacks during the second quarter, according to analysis. According to eSentire’s latest threat report based on data gathered from...
Carbon Black Report: An Evolution of Cyberattacks
Quarterly Incident Response Threat Report: An Evolution of Cyberattacks, From Grab-and-Go Breaches to Long-Term Campaigns. The data in this report reveals that today’s cyberattacks manifest as increasingly complex, long-term campaigns. Employing high-level tools and techniques, attackers set out to...
Carbon Black Report: Tools of Choice
Quarterly Incident Response Threat Report: PowerShell and WMI Remain Tools of Choice for Cyberattacks. We’ve long known that PowerShell has been abused, but it is still significant that 100% of respondents say they believe the tool most often helps facilitate lateral movements, followed by WMI at...
This Week in Security News: Tracking and Hacking
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, Google revealed a secret deal with Mastercard that allows it to track what users buy offline. Also, Senate and House representatives warn th...
U.S. Ties Lazarus to North Korea and Major Hacking Conspiracy
The Justice Department has charged a North Korean man in the hacking of Sony Pictures Entertainment (SPE) in 2014 – as well as the global WannaCry attack last year that caused millions of dollars of economic damage and also charged him with the costly 2016 SWIFT attack on the Bangladesh central ban...
19-Year-Old Hacker Arrested Over Making Hoax School and Flight Bomb Threats
British police have arrested a 19-year-old teen who is an alleged member of Apophis Squad cybercriminal group responsible for making hoax bomb threats to thousands of schools and airlines; and DDoSing ProtonMail and Tutanota secure email services. George Duke-Cohan was arrested in his bedroom at...
McAfee Night Dragon Report (Update A)
Overview: McAfee has published a white paper titled “Global Energy Cyberattacks: Night Dragon” (McAfee, http://www.mcafee.com/us/resources/white-papers/wp-global-energy-cyberattacks-night-dragon.pdf, accessed February 10, 2011), which describes advanced persistent threat activity designed to obtain...
This Week in Security News: Hijacks and Healthcare
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, Singapore looks into the effectiveness of virtual browsers in an attempt to reduce cyberattacks on healthcare systems. Also, cybercriminals...
Understanding TRITON and the Missing Final Stage of the Attack
In December 2017 it was reported that a Middle Eastern oil and gas petrochemical facility had undergone a safety system shutdown as the result of a malware attack. The malware, named TRITON (also TRISIS or HatMan), exceeded other industrial cyberattacks because it directly interacted with and...