Security News

Sophisticated MATA Framework Strikes Eastern European Oil and Gas Companies
2023-10-19 13:47

An updated version of a sophisticated backdoor framework called MATA has been used in attacks aimed at over a dozen Eastern European companies in the oil and gas sector and defense industry as...

MATA malware framework exploits EDR in attacks on defense firms
2023-10-18 15:17

An updated version of the MATA backdoor framework was spotted in attacks between August 2022 and May 2023, targeting oil and gas firms and the defense industry in Eastern Europe. The updated MATA framework combines a loader, a main trojan, and an infostealer to backdoor and gain persistence in targeted networks.

MITRE ATT&CK project leader on why the framework remains vital for cybersecurity pros
2023-09-26 04:30

MITRE ATT&CK, a common language for cybersecurity professionals to communicate with each other and better understand real-world adversary behaviors, celebrates its 10th anniversary this fall. What were the main drivers behind the creation of the MITRE ATT&CK framework back in 2013?

Hackers Can Exploit Windows Container Isolation Framework to Bypass Endpoint Security
2023-08-30 17:04

New findings show that malicious actors could leverage a sneaky malware detection evasion technique and bypass endpoint security solutions by manipulating the Windows Container Isolation Framework. Microsoft's container architecture uses what's called a dynamically generated image to separate each container's file system from the host while avoiding duplication of system files.

At Black Hat, Splunk, AWS, IBM Security and Others Launch Open Source Cybersecurity Framework
2023-08-14 22:46

A consortium led by Splunk and AWS is hoping to fix this by standardizing how events are noted in logs, reducing the burden on security teams to decipher alerts they receive from multiple tools and vendors. Last week at Black Hat, security vendor Splunk announced the general availability of the Open Cybersecurity Schema Framework.

Why organizations should adopt a cloud cybersecurity framework
2023-06-01 05:00

As cloud adoption becomes pervasive, one of the bigger security and privacy challenges for cloud service customers is having to relinquish a significant amount of control and ownership of their data and infrastructure to cloud service providers. Every CSP will implement security differently and every cloud model will have varying degrees of security control ownership, which is why it might be difficult for customers to meet all security requirements.

Critical OAuth Vulnerability in Expo Framework Allows Account Hijacking
2023-05-27 07:45

A critical security vulnerability has been disclosed in the Open Authorization implementation of the application development framework Expo.io. API security firm Salt Labs said the issue rendered services using the framework susceptible to credential leakage, which could then be used to hijack accounts and siphon sensitive data.

GUAC 0.1 Beta: Google's Breakthrough Framework for Secure Software Supply Chains
2023-05-25 05:45

Google on Wednesday announced the 0.1 Beta version of GUAC for organizations to secure their software supply chains. GUAC aims to aggregate software security metadata from different sources into a graph database that maps out relationships between software, helping organizations determine how one piece of software affects another.

Tython: Open-source Security as Code framework and SDK
2023-05-03 04:00

Security teams must adopt automation and incorporate security measures into code to keep up with quickly evolving software development. Tython allows security teams to build custom security reference architectures and design patterns as code.

OSC&R open software supply chain attack framework now on GitHub
2023-03-31 03:00

OSC&R is an open framework for understanding and evaluating software supply chain security threats. Spearheaded by OX Security, OSC&R is a MITRE-like framework designed to provide a common language and structure for understanding and analyzing the tactics, techniques, and procedures used by adversaries to compromise the security of software supply chains.