Security News > 2023 > January

Cybersecurity researchers have uncovered a PlugX sample that employs sneaky methods to infect attached removable USB media devices in order to propagate the malware to additional systems. "This PlugX variant is wormable and infects USB devices in such a way that it conceals itself from the Windows operating file system," Palo Alto Networks Unit 42 researchers Mike Harbison and Jen Miller-Osborn said.

Orcus RAT is a type of malicious software program that enables remote access and control of computers and networks. There are several lifehacks that you should pay attention to while performing the analysis of Orcus RAT. Today we investigate the.

The U.K. National Cyber Security Centre on Thursday warned of spear-phishing attacks mounted by Russian and Iranian state-sponsored actors for information-gathering operations. The activity is typical of spear-phishing campaigns, where the threat actors send messages tailored to the targets, while also taking enough time to research their interests and identify their social and professional circles.

Cybersecurity professionals can avoid drowning in the online data deluge by taking advantage of the host of technical, training and educational resources from the SANS Institute. Launched in 1989 as a cooperative for information security thought leadership, the organisation provides training, certifications, scholarship academies, degree programs, cyber ranges, and pretty much everything else you can think of to meet the needs of cyber professionals.

The NSCS has attributed the campaigns to a Russia-based group called SEABORGIUM and the Iran-based TA453 group, also known as APT42. The threat groups target individuals working in academia, defence, government, non-government organisations, and think-tanks.

While many organizations are prioritizing ERP application security, others are instead focusing on and investing heavily in traditional cybersecurity tools that only address more common threats, like ransomware. There are numerous security risks that can leave business-critical applications vulnerable to cybercriminals.

80% of organizations increased their use of open source software over the last 12 months, according to Perforce Software and the Open Source Initiative. "Clearly, more technical support is needed for open source technologies, as personnel experience and proficiency is highly ranked again this year as a support concern across organizations regardless of size," said Javier Perez, Chief OSS Evangelist at Perforce Software.

The survey seeks to uncover the changing attitudes toward public cloud storage adoption, the factors that influence storage buying decisions, and the top priorities when it comes to budget, use cases, security, and cloud data migration. "We also gathered important data to inform understanding of new trends: the fact that more than 50% of organizations exceed their budgeted spend on cloud storage; and that many struggle with security due to inadequate training and user experience with cloud storage," added Smith.

Google's Threat Analysis Group has burned more than 50,000 spammy fake news stories and other content posted by the pro-China 'Dragonbridge' gang. Meta and Twitter have also removed fake content from China that looks and sounds very similar to Dragonbridge's efforts.

Microsoft has started the forced rollout of Windows 11 22H2 to systems running Windows 11 21H2 that are approaching their end-of-support date on October 10, 2023. The automated feature update rollout phase comes after Windows 11 22H2 has also become available for broad deployment today to users with eligible devices via Windows Update.