14 matches found
Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks
A "novel" social engineering campaign has been observed abusing Obsidian, a cross-platform note-taking application, as an initial access vector to distribute a previously undocumented Windows remote access trojan called PHANTOMPULSE in attacks targeting individuals in the financial and...
Publisher’s Weekly Review of A Hacker’s Mind
Publishers Weekly reviewed A Hackers Mind--and its a starred review! "Hacking is something that the rich and powerful do, something that reinforces existing power structures," contends security technologist Schneier Click Here to Kill Everybody in this excellent survey of exploitation. Taking a...
North Korean Lazarus APT group targets blockchain tech companies
A new advisory issued by the Federal Bureau of Investigation FBI, the Cybersecurity and Infrastructure Security Agency CISA, and the US Treasury Department Treasury, highlights the cyberthreats associated with cryptocurrency thefts and tactics used by a North Korean state-sponsored advanced...
Hacky Holidays: Celebrating the Best of Security Nation [Video]
!Hacky Holidays: Celebrating the Best of Security Nation \Video\https://blog.rapid7.com/content/images/2021/12/security-nation-recap-2.jpg Most of us allow ourselves a few extra indulgences around the holidays — so despite my best editorial sensibilities, I'm letting myself indulge here in a...
How to build a privacy program the right way
The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest Voice of the Community blog series post, Microsoft Product Marketing Manager Natalia Godyla talks with attorney Whitney Merrill, an expert on...
How to build a privacy program the right way
The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest Voice of the Community blog series post, Microsoft Product Marketing Manager Natalia Godyla talks with attorney Whitney Merrill, an expert on...
Unauthorized Access Vulnerability in Online Fingerprint Time and Attendance System of Beijing Zhongcheng Technology Development Co.
Ltd. is a company in the field of time safety management, venture capital, green agriculture, mining extraction and OEM production. An unauthorized access vulnerability exists in the online fingerprint time and attendance system of Beijing Zhongguancun Technology Development Co. Ltd, which can be...
How social media platforms mine personal data for profit
It’s almost impossible not to rely on social networks in some way, whether for personal reasons or business. Sites such as LinkedIn continue to blur the line, increasing the amount of social function over time with features and services resembling less formal sites, such as Facebook. Can anyone...
The Twenty Minute VC with Carbon Black CEO Patrick Morley
Editor's Note: This post originally appeared on TheTwentyMinuteVC.com. Patrick Morley is the President and CEO @ Carbon Black, the company that combines unfiltered data collection, predictive analytics, and cloud-based delivery to provide superior endpoint protection. Prior to their IPO in April...
Carbon Black Opens New Research and Development Office in Greater Portland, Oregon
Carbon Black is proud to announce our new office opening in Hillsboro, Oregon – just outside of Portland. The office will serve as a center for research and development, with a focus on bringing new products to market. Hillsboro lies just outside of Portland, a city that experienced a 40-percent...
HD Moore Leaves Rapid7 for Venture Capital Opportunity
HD Moore, creator of the Metasploit Framework and a security innovator behind a number of Internet-wide security research projects, is moving into venture capital. Moore announced yesterday that he is leaving his current post as chief research officer at Rapid7 on Jan. 29 for a new opportunity in...
Adequate Attack Data and Threat Information Sharing No Longer a Luxury
BOSTON – While some industry groups such as the Financial Services Information Sharing and Analysis Center FS-ISAC and cross-industry groups such as the Advanced Cyber Security Center ACSC facilitate the exchange of threat information, for the most part organizations are still hamstrung by legal...
Security Veterans Score Funding for New Startup Bluebox
Many people would consider themselves lucky to be a part of one successful start-up company, but for a select group of entrepreneurs, engineers and executives, that’s just the beginning. Such is the case for the team behind new mobile security firm Bluebox, a stealth-mode company that counts SPI...
Firm Scores $29M for Anti Botnet-As-A-Service
Endgame Systems is expanding from the government sector to commercial anti botnet services with a $29 million investment. The headlines in recent months have been filled with news about busts of major botnet operations – Bredolab, Pushdo, Waldec and Mariposa among them. But botnets are still a...