From Delivery To Execution: An Evasive Azorult Campaign Smuggled Through Google Sites

Netskope Threat Labs has observed an evasive Azorult campaign in the wild that employs multiple defense evasion techniques from delivery through execution to fly under the defender’s radar as it steals sensitive data. Azorult is an information stealer first discovered in 2016 that steals sensitive information including user credentials, browser information, and crypto wallet data.

LockBit affiliate jailed for almost four years after guilty plea

An affiliate of the LockBit ransomware gang has been sentenced to almost four years in jail after earlier pleading guilty to cyber extortion and weapons charges. 34-year-old Mikhail Vasiliev, who has dual Russian and Canadian nationality, was arrested in 2022 as part of a multinational law enforcement investigation into LockBit that started in March 2020.

Iron Mountain Data Centers' Proactive Approach to Modern Threats with Rubrik

As a part of Iron Mountain Inc., a global leader in secure data and asset management trusted by 95% of the Fortune 1000, Iron Mountain Data Centers is uniquely positioned to protect, connect, and activate high-value customer data. Historically, Iron Mountain Data Centers took a defensive posture when it came to data security, focused on keeping bad actors out. Given the continually evolving nature of modern threats, the service provider had ambitious plans to elevate their cyber security platform, future-proofing their data security with Rubrik.

New York Department of Financial Services Rules Part 500: Are You Ready for Amendment 2?

Hackers move fast. The cybersecurity industry works hard to move as fast as (or faster than) hackers. And regulators work to keep pace. In 2017, the New York Department of Financial Services enacted the sector’s most ambitious set of cybersecurity regulations: 23 NYCRR Part 500. These “Part 500” rules have been updated to reflect the evolving threat landscape, with the most recent change (“Amendment 2”) implemented in December 2023 to address emerging cybersecurity needs.

LESLIELOADER - Undocumented Loader Observed

Kroll observed the use of SPARKRAT in conjunction with a previously undocumented loader written in Golang. The loader assists in the initial infection and deployment of the malicious payload, enabling SPARKRAT to execute on a system. This process allows the payload to reach the target system undetected and unquarantined. The loader achieves its goal by decoding and decrypting a secondary payload binary, then injecting it into a notepad.exe instance.

CASB vs DSPM with DDR

In 2022 alone, there was a staggering 70% increase in malicious events across all public clouds. And cybercriminals are specifically targeting one of the most critical assets of any organization: its data. According to a 2023 IBM report, 82% of breaches involved data stored in the cloud. This raises the question: which tools do defenders have at their disposal to address these mounting threats?

GitHub "besieged" by malware repositories and repo confusion: Why you'll be ok

As open source software development continues to evolve, so does its susceptibility to cybersecurity threats. One such instance is the recent discovery of malware repositories on GitHub. In this cybersecurity attack, threat actors managed to upload malicious code onto GitHub, a platform that hosts millions of code repositories and is used by developers worldwide.