Security News
Evasive techniques used by attackers, date back to the earlier days, when base64 and other common encoding schemes were used. In this report, we highlight those common defense evasion techniques, which are common in malicious Linux shell scripts.
An Iranian state-sponsored threat actor tracked as TA456 maintained a social media account for several years before engaging with their intended victim, cybersecurity firm Proofpoint reports. The newly detailed activity attributed to the group involved the use of the social media persona "Marcella Flores," which was used to engage with an employee of a subsidiary of an aerospace defense contractor over multiple communication platforms, to gain their trust in an attempt to infect them with malware.
The U.S. Department of Energy CyberForce program is expanding this year to include more cyber competitions, webinars and career resources. In 2021, students have many more opportunities to learn about cybersecurity topics and compete within the CyberForce program.
Owl Cyber Defense Solutions announced the opening of its new regional office, located in Abu Dhabi. The new office, hosted and sponsored by Al Makamin Commercial Projects LLC, part of Sultan International Holding, LLC -, will house Owl's in-region field staff that support the company's growing customer base of oil and gas, petrochemical, power generation, transmission and distribution, nuclear, renewable energy and water/wastewater operators; along with serving government agencies.
China-based hackers actively target US defense and software companies using a vulnerability in the SolarWinds Serv-U FTP server. Today, SolarWinds released a security update for a zero-day vulnerability in Serv-U FTP servers that allow remote code execution when SSH is enabled.
China-based hackers actively target US defense and software companies using a vulnerability in the SolarWinds Serv-U FTP server. Today, SolarWinds released a security update for a zero-day vulnerability in Serv-U FTP servers that allow remote code execution when SSH is enabled.
Today's reality is that security breaches are a given. Sophisticated attackers are too numerous and too determined to get caught by perimeter defenses.
In an almost exclusively mobile world and the increased usage of mobile devices to access corporate data, cybercriminals started taking advantage of the vulnerability of such devices. To select a suitable mobile threat defense solution for your business, you need to think about a variety of factors.
Once a "Nuisance" threat, ransomware has grown into a layered, multi-billion-dollar industry for attackers. The U.S. Department of Justice has issued internal guidance that ransomware attacks should be treated with the same priority as terrorist attacks - did this dissuade any attackers? It does not seem so.
Simple tech investments like these, Tebow notes, can be an easy, effective way to end a ransomware attack before it starts. While using modern solutions to defeat modern threats is critical, upgraded defenses alone are not enough in a world where ransomware is considered an inevitability by experts.