Security News

New Threat: Stealthy HeadCrab Malware Compromised Over 1,200 Redis Servers
2023-02-02 06:47

At least 1,200 Redis database servers worldwide have been corralled into a botnet using an "elusive and severe threat" dubbed HeadCrab since early September 2021. The findings come two months after the cloud security firm shed light on a Go-based malware codenamed Redigo that has been found compromising Redis servers.

The next cyber threat may come from within
2023-02-02 04:30

The survey found somewhat muted faith in current safety measures: 51% say they are only "somewhat prepared," 39% feel "very prepared," 6% feel they are not at all prepared in their overall cyber defense strategies, and 4% are unsure. The survey points to the need for ever-increasing vigilance via employee training and awareness, along with continued investment in system upgrades and staff.

Microsoft: Over 100 threat actors deploy ransomware in attacks
2023-01-31 19:03

Microsoft revealed today that its security teams are tracking over 100 threat actors deploying ransomware during attacks. In all, the company says it monitors over 50 unique ransomware families that were actively used until the end of last year.

Savvy cybersecurity pros benefit from host of free resources to step up fight against hackers and cyber threats
2023-01-27 08:57

Cybersecurity professionals can avoid drowning in the online data deluge by taking advantage of the host of technical, training and educational resources from the SANS Institute. Launched in 1989 as a cooperative for information security thought leadership, the organisation provides training, certifications, scholarship academies, degree programs, cyber ranges, and pretty much everything else you can think of to meet the needs of cyber professionals.

ChatGPT is a bigger threat to cybersecurity than most realize
2023-01-26 04:30

Currently, the value of generative AI, like ChatGPT and DALL-E, is lopsided in favor of threat actors. Threat actors using generative AI in their attack arsenal is an eventuality, and now we need to focus on how we will defend against this new threat.

Fujitsu: Quantum computers no threat to encryption just yet
2023-01-24 19:47

Research conducted by Fujitsu suggests there is no need to panic about quantum computers being able to decode encrypted data - this is unlikely to happen in the near future, it claims. Fujitsu said it ran trials using its 39-qubit quantum simulator hardware to assess how difficult it would be for quantum computers to crack data encrypted with the RSA cipher, using a Shor's algorithm approach.

Report: Cyberespionage threat actor exploits CVE-2022-42475 FortiOS vulnerability
2023-01-23 20:53

In December 2022, security company Mandiant, now a Google Cloud company, identified a FortiOS malware written in C that exploited the CVE-2022-42475 FortiOS vulnerability. The Linux version of the malware, when executed, performs a system survey and enables communications with a hardcoded command-and-control server.

Threat Actors Turn to Sliver as Open Source Alternative to Popular C2 Frameworks
2023-01-23 09:54

The legitimate command-and-control framework known as Sliver is gaining more traction from threat actors as it emerges as an open source alternative to Cobalt Strike and Metasploit. Sliver, developed by cybersecurity company BishopFox, is a Golang-based cross-platform post-exploitation framework that's designed to be used by security professionals in their red team operations.

The threat of location spoofing and fraud
2023-01-20 04:30

In this Help Net Security video, André Ferraz, CEO at Incognia, discusses the impact of location spoofing and location-based fraud. Location spoofing is the use of any tool that enables users to alter the location information given by their device.

Threat attackers can own your data in just two days
2023-01-18 23:45

If the user navigates and clicks on the only visible file, a Link File Format file, the LNK file starts the infection process by launching a batch file. Attackers obtain the credentials of a service account via Kerberoasting, a known technique based on abusing valid Kerberos tickets, 15 minutes after the initial infection.