433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

Multi-stage crypto-mining malware hides in legitimate apps with month-long delay trigger

Researchers have discovered a new multi-stage malware delivery campaign that relies on legitimate application installers distributed through popular software download sites. The malicious payload delivery, which includes a cryptocurrency mining program, is done in stages with long delays that can add up to almost a month. “After the initial software installation, the attackers delayed the infection process for weeks and deleted traces from the original installation,” researchers from security firm Check Point Software Technologies said in a new report. “This allowed the campaign to successfully operate under the radar for years.”
http://news.poseidon-us.com/SXT3H1

DDoS activity launched by patriotic hacktivists is on the rise

Radware released a report revealing that the number of malicious DDoS attacks climbed by 203% compared to the first six months of 2021. This Help Net Security video provides information about the rise of DDoS activity launched by patriotic hacktivists. The post DDoS activity launched by patriotic hacktivists is on the rise appeared first on Help Net Security.
http://news.poseidon-us.com/SXSrwT

How automation can solve application development challenges

Security Compass has published the results of a research study examining developer views on application security, including the challenges and opportunities they face in their secure development efforts. In order for software developers and security teams to effectively collaborate and ensure that a company’s software products are secure, developers need automated, current, relevant, and actionable JITT training embedded into their development tools and processes. The research found that while most developers believe their enterprise has … The post How automation can solve application development challenges appeared first on Help Net Security.
http://news.poseidon-us.com/SXSD8y

Outdated infrastructure not up to today’s ransomware challenges

Global research commissioned by Cohesity reveals that nearly half of respondents say their company depends on outdated, legacy backup and recovery infrastructure to manage and protect their data. In some cases, this technology is more than 20 years old and was designed long before today’s multicloud era and onslaught of sophisticated cyberattacks plaguing enterprises globally. Challenges pertaining to outdated infrastructure could easily be compounded by the fact that many IT and security teams don’t … The post Outdated infrastructure not up to today’s ransomware challenges appeared first on Help Net Security.
http://news.poseidon-us.com/SXSCKN

Pathway to FADGI Compliance

Where are you on the path to FADGI compliance? A deadline to shift from paper to electronic records, as mandated by NARA and OMB, underscores the need for agencies to implement a broad digitization strategy. Download our exclusive ebook for expert advice on how to do that from EPA, GPO, the Library of Congress and NARA.
http://news.poseidon-us.com/SXQHR2

COVID-19 data put for sale on the Dark Web

Resecurity, a California-based cybersecurity company protecting Fortune 500 companies, has identified leaked PII stolen from Thailand’s Department of Medical Sciences containing information about citizens with COVID-19 symptoms. The incident was uncovered and shared with Thai CERT. The data was put up for sale on several Dark Web marketplaces and was available for further purchase via a Telegram channel created by the bad actors. Based on the acquired samples and additional insights related to the security incident, the … The post COVID-19 data put for sale on the Dark Web appeared first on Help Net Security.
http://news.poseidon-us.com/SXPy8h

How Carrier’s product security team delivers the ‘right support for the right product’

John Deskurakis had a green field opportunity when he stepped into the role of chief product security officer in April 2020 at Carrier Global Corp. United Technologies, which had spun off Carrier, took the existing product security function with it. That gave Deskurakis the chance to build an entirely new program—one that could meet the unique security needs of each of Carrier’s product lines. “We didn’t want to replicate what United Technologies was doing, because it was focused on aerospace. We wanted to focus more on our specific areas because our products are different, our customers are different, they have different needs than aerospace,” he says. “So we decided to rebuild the capabilities to suit the diverse needs of our Carrier customers, to think about what’s the best outcome for the end users.”
http://news.poseidon-us.com/SXPp7q

Rise in IoT vulnerability disclosures, up 57%

Vulnerability disclosures impacting IoT devices increased by 57% in the first half (1H) of 2022 compared to the previous six months, according to research by Claroty. The report also found that over the same time period, vendor self-disclosures increased by 69%, with vendors becoming more prolific reporters than independent research outfits for the first time, and fully or partially remediated firmware vulnerabilities increased by 79%, a notable improvement given the relative challenges in patching firmware versus … The post Rise in IoT vulnerability disclosures, up 57% appeared first on Help Net Security.
http://news.poseidon-us.com/SXP7vV

ISC Stormcast For Monday, August 29th, 2022 https://isc.sans.edu/podcastdetail.html?id=8150, (Mon, Aug 29th)

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
http://news.poseidon-us.com/SXP7dl

Dealing With False Positives when Scanning Memory Dumps for Cobalt Strike Beacons, (Sun, Aug 28th)

I updated my Cobalt Strike beacon analysis tool 1768.py to deal with false positives in Windows system's memory dumps.
http://news.poseidon-us.com/SXMp7L