Threats

The latest cybersecurity threats and news to help you protect your data, networks, applications, and devices.

  • Attackers Continue to Leverage Signed Microsoft Drivers

    In December of last year, Microsoft worked with SentinelOne, Mandiant, and Sophos to respond to an issue in which drivers certified by Microsoft’s Windows Hardware Developer Program were being used to validate malware. Unfortunately, the problem hasn’t gone away. In a recent Mastodon post, security expert Kevin Beaumont observed, “Microsoft are still digitally signing malware… Read more


  • How UPX Compression Is Used to Evade Detection Tools

    Compression is a great way for hackers to hide malware and render it undetectable. Here’s what to do about that. Read more


  • Windows CLFS Vulnerability Used for Ransomware Attacks

    Microsoft’s Patch Tuesday for April 2023 targets 97 vulnerabilities, seven of them rated critical – as well as one that’s currently being exploited in the wild. The one flaw that’s currently being exploited, CVE-2023-28252, is an elevation of privilege vulnerability in the Windows Common Log File System (CLFS) Driver that could provide an attacker with… Read more


  • What is Ransomware? Everything You Should Know

    Ransomware is a type of malicious program, or malware, that encrypts files, documents and images on a computer or server so that users cannot access the data. Ransomware is the most feared cybersecurity threat and with good reason: Its ability to cripple organizations by locking their data is a threat like no other. Knowing what… Read more


  • Over 15 Million Systems Exposed to Known Exploited Vulnerabilities

    Effective vulnerability management is about knowing what you own and prioritizing what you need to fix. A new research report shows that millions of organizations are failing at those critical cybersecurity practices. Researchers at cybersecurity firm Rezilion found more than 15 million instances in which systems are vulnerable to the 896 flaws listed in the… Read more


  • Weakness at the Network Edge: Mandiant Examines 2022’s Zero-Day Exploits

    Enterprise IT, network and security product vulnerabilities were among those actively exploited in zero-day attacks last year, according to a recent Mandiant report. Mandiant tracked 55 zero-day vulnerabilities that were actively exploited in 2022. That’s fewer than the 81 zero-days exploited in 2021, but far more than those exploited in any previous year. Going forward,… Read more


  • Microsoft Targets Critical Outlook Zero-Day Flaw

    Microsoft’s Patch Tuesday for March 2023 includes patches for more than 70 vulnerabilities, including zero-day flaws in Outlook and in Windows SmartScreen. According to CrowdStrike researchers, 40 percent of the patched vulnerabilities are remote code execution flaws, down from 48 percent last month; 31 percent are elevation of privilege flaws, up from almost 16 percent… Read more


  • BlackMamba PoC Malware Uses AI to Avoid Detection

    HYAS researchers recently developed proof-of-concept (PoC) malware that leverages AI both to eliminate the need for command and control (C2) infrastructure and to generate new malware on the fly in order to evade detection algorithms. The malware, dubbed “BlackMamba,” is the latest example of exploits that can evade even the most sophisticated cybersecurity products. While… Read more


  • What is Cyber Threat Hunting? Definition, Techniques & Steps

    Threat hunting starts with a pretty paranoid premise: That your network may have already been breached and threat actors may be inside waiting for an opportunity to strike. Sadly, that turns out to be true in many cases. You can’t be paranoid enough when it comes to cybersecurity. And that’s why cyber threat hunting adds… Read more


  • Cloudflare Blocks Record DDoS Attack as Threats Surge

    Cloudflare mitigated dozens of hyper-volumetric DDoS attacks last weekend, most of them ranging from 50 to 70 million requests per second (RPS) – and the largest one exceeding 71 million RPS. “This is the largest reported HTTP DDoS attack on record, more than 35 percent higher than the previous reported record of 46 million RPS… Read more

