Stealthy Poisoning Attacks Bypass Defenses in Regression Settings

Regression models are widely used in industrial processes, engineering and in natural and physical sciences, yet their robustness to poisoning has received less attention. When it has, studies often assume unrealistic threat models and are thus less useful in practice. In this paper, we propose a...

SquidLoader Malware Campaign Hits Hong Kong Financial Firms

Trellix exposes SquidLoader malware targeting Hong Kong, Singapore, and Australia's financial service institutions. Learn about its advanced evasion tactics and stealthy attacks...

Quantum Properties Trojans (QuPTs) for Attacking Quantum Neural Networks

Quantum neural networks QNN hold immense potential for the future of quantum machine learning QML. However, QNN security and robustness remain largely unexplored. In this work, we proposed novel Trojan attacks based on the quantum computing properties in a QNN-based binary classifier. Our propose...

Medusa Ransomware Disables Anti-Malware Tools with Stolen Certificates

Cybercriminals exploit AbyssWorker driver to disable EDR systems, deploying MEDUSA ransomware with revoked certificates for stealthy attacks...

ViperSoftX Malware Disguises as eBooks on Torrents to Spread Stealthy Attacks

The sophisticated malware known as ViperSoftX has been observed being distributed as eBooks over torrents. "A notable aspect of the current variant of ViperSoftX is that it uses the Common Language Runtime CLR to dynamically load and run PowerShell commands, thereby creating a PowerShell...

Volt Typhoon targets US critical infrastructure with living-off-the-land techniques

Microsoft has uncovered stealthy and targeted malicious activity focused on post-compromise credential access and network system discovery aimed at critical infrastructure organizations in the United States. The attack is carried out by Volt Typhoon, a state-sponsored actor based in China that...

Thanks for sharing!

Thanks for sharing! I also wrote about \u encoding several times https://lab.wallarm.com/what-stealthy-attacks-are-hiding-in-api-data%E2%80%8A-%E2%80%8Aand-why-do-most-waf-miss-them-c9f59e865d74/ That’s why we implemented parsers in Wallarm...

XDR Is The Best Remedy As Attackers Increasingly Seek To Evade EDR

Real enterprises are messy places. One messy reality is that enterprises don’t manage all their endpoints. A smart colleague turned me onto using the % of endpoints and servers managed as a prime security metric. On one end of the spectrum are places like universities that maybe manage 10% of the...

What stealthy attacks are hiding in API data — and why do most WAF miss them?!

Is JSON really more secure than other data encoding formats? JSON is a serialization format that allows users to 1 send objects as strings and then 2 it sends applications to recover objects from those strings. So, the short answer is that the JSON format as dangerous as other serialization...

The Fileless, Non-Malware Menace

There’s an old expression: if it looks like a duck, walks like a duck, and quacks like a duck, then it must be a duck. What happens, though, if the duck in question is malware that doesn’t behave like typical malware? Namely, it doesn’t drop a file on your disk to infect your computer, hijack...

Cryptomining is all the rage among hackers, as DDoS amplification attacks continue

In this week’s InfoSec news review we’ll dive into cryptomining, get the latest on DDoS amplification, go over recent data breaches, and check out another vendor claiming it can crack iPhones. I, me, mine The freight train that’s cryptomining shows no sign of slowing down, and the cyber security...