Displaying items by tag: Malware

GUEST RESEARCH:  New report shows unplanned and cyber incident downtime can cost businesses up to AU$86 billion in Australia and NZ$75 billion

GUEST RESEARCH:  When new technologies such as generative artificial intelligence (GenAI) emerge, cybercriminals inevitably look for ways to exploit its capabilities for malicious purposes. While most mainstream GenAI models have built-in safeguards to prevent misuse, Tenable Research has found that DeepSeek R1 can be tricked into generating malware, raising concerns about the security risks posed by AI-powered cybercrime.

Mandiant, Google Cloud Security’s threat intelligence company, has exposed a sophisticated cyber espionage campaign by the China-linked hacking group UNC3886. The group has been found infiltrating outdated Juniper Networks routers with custom malware designed for long-term persistence and stealth.

8^th Annual Year in Review Names Two New OT Cyber Threat Groups, Ongoing Infiltration by VOLTZITE, and Global Threat from FrostyGoop Malware

According to new research by the cybersecurity company NordVPN, over 351 million malware incidents have been recorded, emphasising the “growing cybersecurity threat” in Australia. 

Ransomware threats increased fourfold during 2024, likely driven by prolific Ransomware-as-a-Service (RaaS) activity, according to Barracuda’s annual review of XDR detection and incident data. Email threats that made it through to user inboxes were the fifth most detected threat overall, highlighting the growing risk of sophisticated and evasive attacks enabled by Phishing-as-a-Service (PhaaS) platforms.

Personal Storage Table or PST is a popular and most commonly used mailbox data file format for storing, backing up, and migrating mail items to and from Microsoft Outlook.

Cybersecurity company Bitdefender has issued a warning on an active campaign by the North Korea-linked Lazarus Group, targeting organisations by capturing credentials and delivering malware through fake LinkedIn job offers.

GUEST RESEARCH:  Infoblox Threat Intel researchers have discovered new insights into the use of spoofed domains in modern malicious spam (malspam) campaigns, sending unsolicited emails that contain harmful attachments or links designed to infect the recipient's computer with malware or to steal sensitive information. This reveals how threat actors exploit domain spoofing and how pervasive this technique is. The information was gathered through a collective effort following the initial Muddling Meerkat research, with various individuals sharing data showing Muddling Meerkat behavior with the researchers. This underscores the importance of collaborative efforts in cybersecurity, as sharing data and insights can lead to significant discoveries and improvements in threat detection and mitigation.

GUEST OPINION:  Now we’ve reached the end of another year, you may be looking around the cybersecurity infosphere and seeing a glut of posts offering “hot takes” on the 2024 threat landscape and predictions about what’s coming next. At Rapid7, we don’t truck in hot takes, but rather, cold hard facts. Staying ahead of adversaries requires more than just advanced tools; it requires the latest intelligence and collaborative insights from experts working from data that tells the whole story.

GUEST RESEARCH:  Rapid7 published its analysis of the Black Basta ransomware campaign, having observed a resurgence of activity related to the ongoing social engineering campaign being conducted by the group.

GUEST OPINION:

• BlueVoyant, an industry-leading cyber defence company, offers perspectives on attack patterns and tips on how to stay ahead of attackers.
• KnowBe4, the world-renowned cybersecurity platform that comprehensively addresses human risk management, highlights the need to focus on the human element in organisations to lower the risk of becoming a victim of cybercrime.

GUEST RESEARCH :  CISOs around the world acknowledge waning confidence in securing today’s hybrid cloud infrastructure, shifting focus toward gaining visibility into all data-in-motion

• 39 percent of security teams in Australia report they were unable to detect a data breach with existing tools
• 71 percent of respondents in Australia believe that Zero Trust will be mandated by the government in the next two years
• 92 percent of Australian respondents agree that visibility into encrypted traffic is critical to cloud security

COMPANY NEWS: 

• BeyondTrust experts predict a paradigm shift in security strategies as identity risks and quantum threats take centre stage
• Top cybersecurity threats include the evolution of the AI2, quantum computing, and cyber insurance

COMPANY NEWS:  Other key findings include surge of info-stealers and botnets, an increase in evasive malware and a rise in network attacks across the Asia Pacific

The CPU is a vital part of your device, and knowing the current CPU usage is extremely important. What we have to keep in mind is the fact that you want to keep the CPU usage low, and not overly pressure the unit. That being said, you need to find the right thing to focus on when it comes to CPU-tracking tools. Here’s how you can identify the current CPU usage on your device.

GUEST RESEARCH - The BANSHEE malware is a macOS-based infostealer that targets system information, browser data, and cryptocurrency wallets.

COMPANY NEWS:  Companies developing methodology and open-source tools to tame complexities of complex language, empowering organizations to get and stay ahead of attackers

COMPANY NEWS: Absolute Security will demonstrate the next generation of Cyber Resilience at Black Hat USA 2024 in Las Vegas. During the conference, CISOs and other security and risk professionals responsible for protecting their organisations against threats and disruption are invited to hosted demonstrations of the Absolute Cyber Resilience Platform in the Business Expo Hall, booth #4312.

Many security experts say a breach is only a matter of "when" not "if". Imagine the sinking feeling of finding out your company has been compromised in this way. However, you can be proactive in defending yourself, and Qualys CTSO and VP solutions architect EMEA and APAC Richard Sorosina brings practical advice to help.