-
Hackers Abuse EDRSilencer Tool to Bypass Security and Hide Malicious Activity (The Hacker News)
Threat actors are attempting to abuse the open-source EDRSilencer tool as part of efforts to tamper with endpoint detection and response (EDR) solutions and hide malicious activity. Trend Micro said it detected “threat actors attempting to integrate EDRSilencer in their attacks, repurposing it as a means of evading detection.” EDRSilencer, inspired by the NightHawk FireBlock tool…
-
Microsoft: Nation-state activity blurring with cybercrime
-
FIDO Alliance Drafts New Protocol to Simplify Passkey Transfers Across Different Platforms (The Hacker News)
The FIDO Alliance said it’s working to make passkeys and other credentials easier to export across different providers and improve credential provider interoperability, as more than 12 billion online accounts become accessible with the passwordless sign-in method. To that end, the alliance said it has published a draft for a new set of specifications…
-
From Misuse to Abuse: AI Risks and Attacks (The Hacker News)
AI from the attacker’s perspective: See how cybercriminals are leveraging AI and exploiting its vulnerabilities to compromise systems, users, and even other AI applications. Cybercriminals and AI: The Reality vs. Hype “AI will not replace humans in the near future. But humans who know how to use AI are going to replace those humans who…
-
Experts slam Chinese research on quantum encryption attack
-
How to build an incident response plan, with examples, template
-
North Korean ScarCruft Exploits Windows Zero-Day to Spread RokRAT Malware (The Hacker News)
The North Korean threat actor known as ScarCruft has been linked to the zero-day exploitation of a now-patched security flaw in Windows to infect devices with malware known as RokRAT. The vulnerability in question is CVE-2024-38178 (CVSS score: 7.5), a memory corruption bug in the Scripting Engine that could result in remote code execution when…
-
5 Techniques for Collecting Cyber Threat Intelligence (The Hacker News)
To defend your organization against cyber threats, you need a clear picture of the current threat landscape. This means constantly expanding your knowledge about new and ongoing threats. There are many techniques analysts can use to collect crucial cyber threat intelligence. Let’s consider five that can greatly improve your threat investigations. Pivoting on C2 IP…
-
Astaroth Banking Malware Resurfaces in Brazil via Spear-Phishing Attack (The Hacker News)
A new spear-phishing campaign targeting Brazil has been found delivering a banking malware called Astaroth (aka Guildma) by making use of obfuscated JavaScript to slip past security guardrails. “The spear-phishing campaign’s impact has targeted various industries, with manufacturing companies, retail firms, and government agencies being the most affected,” Trend Micro said in a new analysis.…
-
GitHub Patches Critical Flaw in Enterprise Server Allowing Unauthorized Instance Access (The Hacker News)
GitHub has released security updates for Enterprise Server (GHES) to address multiple issues, including a critical bug that could allow unauthorized access to an instance. The vulnerability, tracked as CVE-2024-9487, carries a CVSS score of 9.5 out of a maximum of 10.0. “An attacker could bypass SAML single sign-on (SSO) authentication with the optional encrypted…