Menu

Blog

Archive for the ‘cybercrime/malcode’ category

Jan 12, 2025

Chinese hackers target US Treasury computers used for sanctions — Committee on Foreign Investment specifically targeted

Posted by in category: cybercrime/malcode

No secret information was stolen.

Jan 11, 2025

Innovation, Automation, And The Cybersecurity Challenges Ahead

Posted by in categories: cybercrime/malcode, robotics/AI

The rapid evolution of artificial intelligence is transforming cybersecurity, offering unprecedented opportunities to defend against increasingly complex and automated threats. AI is no longer a support tool—it’s emerging as a central pillar of modern security strategies. From detecting anomalies and automating threat responses to augmenting security teams, AI is enabling defenders to act faster, scale their operations, and outpace attackers. However, as the technology advances, significant challenges remain, from adversarial AI to the cultural inertia of legacy systems.

Tomer Weingarten, CEO of SentinelOne, and Richard Stiennon, research analyst with IT-Harvest and author of Security Yearbook 2024, both highlight the potential—and limitations—of AI in cybersecurity. “It’s very early days for AI in security,” says Stiennon. “I have found 84 startups with various AI agents or which hope to deploy guardrails to protect companies from mishandling of data by users of AI. It’s way too early to say that any of them are having an impact on the ecosystem. That said, the future is clear. AI will be part of every cyber defense position.”

Weingarten echoes this sentiment, noting that AI’s role is rapidly expanding but far from mature. “AI is no longer just about supporting cybersecurity—it’s fundamentally changing how we secure systems, anticipate threats, and automate responses,” he explains.

Jan 9, 2025

Mirai Botnet Variant Exploits Four-Faith Router Vulnerability for DDoS Attacks

Posted by in category: cybercrime/malcode

A Mirai botnet variant has been found exploiting a newly disclosed security flaw impacting Four-Faith industrial routers since early November 2024 with the goal of conducting distributed denial-of-service (DDoS) attacks.

The botnet maintains approximately 15,000 daily active IP addresses, with the infections primarily scattered across China, Iran, Russia, Turkey, and the United States.

Exploiting an arsenal of over 20 known security vulnerabilities and weak Telnet credentials for initial access, the malware is known to have been active since February 2024. The botnet has been dubbed “gayfemboy” in reference to the offensive term present in the source code.

Jan 9, 2025

Researchers Expose NonEuclid RAT Using UAC Bypass and AMSI Evasion Techniques

Posted by in category: cybercrime/malcode

NonEuclid RAT: C# malware offering remote access, antivirus bypass, and ransomware, active since November 2024.

Jan 9, 2025

Neglected Domains Used in Malspam to Evade SPF and DMARC Security Protections

Posted by in categories: cybercrime/malcode, policy

Cybersecurity researchers have found that bad actors are continuing to have success by spoofing sender email addresses as part of various malspam campaigns.

Faking the sender address of an email is widely seen as an attempt to make the digital missive more legitimate and get past security mechanisms that could otherwise flag it as malicious.

While there are safeguards such as DomainKeys Identified Mail (DKIM), Domain-based Message Authentication, Reporting and Conformance (DMARC), and Sender Policy Framework (SPF) that can be used to prevent spammers from spoofing well-known domains, such measures have increasingly led them to leverage old, neglected domains in their operations.

Jan 8, 2025

New EAGERBEE Variant Targets ISPs and Governments with Advanced Backdoor Capabilities

Posted by in categories: cybercrime/malcode, evolution, internet

Internet service providers (ISPs) and governmental entities in the Middle East have been targeted using an updated variant of the EAGERBEE malware framework.

The new variant of EAGERBEE (aka Thumtais) comes fitted with various components that allow the backdoor to deploy additional payloads, enumerate file systems, and execute commands shells, demonstrating a significant evolution.

“The key plugins can be categorized in terms of their functionality into the following groups: Plugin Orchestrator, File System Manipulation, Remote Access Manager, Process Exploration, Network Connection Listing, and Service Management,” Kaspersky researchers Saurabh Sharma and Vasily Berdnikov said in an analysis.

Jan 8, 2025

CISA: No Wider Federal Impact from Treasury Cyber Attack, Investigation Ongoing

Posted by in category: cybercrime/malcode

Chinese hackers exploited BeyondTrust API keys in a major Treasury cyberattack; CISA confirms no wider federal impact.

Jan 8, 2025

Researchers Uncover Major Security Flaw in Illumina iSeq 100 DNA Sequencers

Posted by in categories: biotech/medical, cybercrime/malcode, genetics

Outdated BIOS firmware in Illumina iSeq 100 allows attackers to disable devices or install malware, threatening critical genetic research and vaccine.

Jan 5, 2025

Quantum Leap: D-Wave’s Bold New Move! Discover the Future of Computing

Posted by in categories: cybercrime/malcode, quantum physics

In a groundbreaking development poised to reshape the landscape of quantum computing, D-Wave Systems has announced their latest innovation: the Advantage2 quantum processor. As the industry grapples with an ever-increasing demand for computational power, this announcement signals a pivotal moment in the quest to harness the full potential of quantum technology.

Game-Changing Technology The Advantage2 processor boasts a staggering 7,000 qubits, significantly surpassing its predecessors and setting a new benchmark for quantum performance. This advancement is expected to enhance quantum annealing processes, thereby accelerating solutions for complex optimization problems that classical computers struggle to handle efficiently.

Continue reading “Quantum Leap: D-Wave’s Bold New Move! Discover the Future of Computing” »

Jan 4, 2025

PLAYFULGHOST Delivered via Phishing and SEO Poisoning in Trojanized VPN Apps

Posted by in category: cybercrime/malcode

PLAYFULGHOST malware mimics Gh0st RAT with advanced spyware features, targeting users via phishing and SEO poisoning techniques.

Page 1 of 22612345678Last