Security News

Microsoft: Iran-linked hackers target US defense tech companies
2021-10-11 15:52

Iran-linked threat actors are targeting the Office 365 tenants of US and Israeli defense technology companies in extensive password spraying attacks. The activity cluster was temporarily dubbed DEV-0343 by researchers at Microsoft Threat Intelligence Center and Microsoft Digital Security Unit, who have tracked it since late July.

Phishing attempts: Employees can be the first line of defense
2021-09-10 03:30

33% of emails employees report as phishing attempts are either malicious or highly suspect, according to new research. The finding comes from an analysis of emails reported by employees from organizations across the globe during the first half of 2021, and highlights the efficacy of employee-led efforts in preventing cyberattacks.

Windows MSHTML zero-day defenses bypassed as new info emerges
2021-09-09 20:37

New details have emerged about the recent Windows CVE-2021-40444 zero-day vulnerability, how it is being exploited in attacks, and the threat actor's ultimate goal of taking over corporate networks. This Internet Explorer MSHTML remote code execution vulnerability, tracked as CVE-2021-40444, was disclosed by Microsoft on Tuesday but with few details as it has not been patched yet.

Winning the Cyber-Defense Race: Understand the Finish Line
2021-08-27 20:16

Thus, security teams often place focus on the race itself and forget about the actual goal or finish line. For example: "Our mission is to continuously improve the organization's security posture by preventing, detecting, analyzing and responding to cybersecurity incidents." It is missing the finish line.

Sarcos Defense and BAE Systems enhance autonomous platforms to benefit DoD operations
2021-08-16 23:15

Sarcos Defense and BAE Systems announced that the companies are partnering to develop advanced perception and sensing capabilities for autonomous platforms for Air Force Research Laboratory, to benefit Department of Defense operations. This platform will aim to address the complex issues that involve the coordination of both individual and multiple cooperating heterogeneous autonomous platforms, including unmanned aircraft systems and unmanned ground vehicles equipped with standard multi-modal sensors, such as cameras, radar, and LiDAR. The expected result will coalesce multiple environmental inputs and combine with artificial intelligence and machine learning technologies to enable unmanned systems to work together in greater harmony, both alone and coordinating with each other in "Swarm" scenarios.

New AdLoad Variant Bypasses Apple's Security Defenses to Target macOS Systems
2021-08-16 04:40

A new wave of attacks involving a notorious macOS adware family has evolved to leverage around 150 unique samples in the wild in 2021 alone, some of which have slipped past Apple's on-device malware scanner and have even been signed by its own notarization service, highlighting the malicious software's ongoing attempts to adapt and evade detection. The new iteration "continues to impact Mac users who rely solely on Apple's built-in security control XProtect for malware detection," SentinelOne threat researcher Phil Stokes said in an analysis published last week.

New AdLoad malware variant slips through Apple's XProtect defenses
2021-08-11 13:00

A new AdLoad malware variant is slipping through Apple's YARA signature-based XProtect built-in antivirus tech to infect Macs as part of multiple campaigns tracked by SentinelOne security researchers. While monitoring this campaign, the researchers observed more than 220 samples, 150 of them unique and undetected by Apple's built-in antivirus even though XProtect now comes with roughly a dozen AdLoad signatures.

NetWitness Ransomware Defense Cloud Services combats threat actors in IT environments
2021-08-05 02:00

NetWitness, an RSA business, unveiled NetWitness Ransomware Defense Cloud Services, a managed cloud service that monitors endpoints without traditional deployment and administration requirements. Ransomware Defense Cloud Services also includes detection intelligence developed from in-depth ransomware research and development, combined with experienced threat hunting in enterprise environments.

Iranian APT Lures Defense Contractor in Catfishing-Malware Scam
2021-08-03 20:16

In a new report, Proofpoint details how the group TA456, associated with the Iranian Revolutionary Guard, invested years in developing the false profile of a fantasy woman named Marcella Flores, an impossibly shiny haired aerobics instructor from the U.K., to rein in unsuspecting targets. Starting about eight months ago, Proofpoint found TA456 used the Marcella Flores profile to slowly build a relationship with someone who worked for a subsidiary of an aerospace defense contractor in the U.S. Over the months, Marcella shared many emails, pictures and even a video to build trust.