News

PowerShell Obfuscation Technique Bypasses Most Antiviruses

Delaware, USA – September 14, 2018 — Adversaries are constantly improving their techniques and tools to remain undetected by common security solutions. Researchers from Cylance published a blog post about a new tactic used by adversaries to bypass antiviruses and infect users with well-known malware. In the newly discovered sample, adversaries leverage SecureString for PowerShell […]
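As an added illustration (not code from the Cylance post or from SOC Prime), the PowerShell below shows the mechanics a SecureString-based loader relies on: the command is stored as a ConvertFrom-SecureString blob encrypted under a key embedded in the script and is only recovered at run time, so static string scanning never sees the plaintext. The same cmdlets let an analyst who has the blob and the key decode a sample offline. The key, the blob and the stand-in command are constructed here; the function names are ours.

```powershell
# Added example, not from the original post. Demonstrates SecureString-based
# PowerShell obfuscation and the matching analyst-side decode.

# Constructed 16-byte key for illustration; real samples embed their own key
# (16, 24 or 32 bytes selects AES-128/192/256 inside ConvertFrom-SecureString).
$Key = [byte[]](1..16)

function Protect-Command {
    param([string]$Command, [byte[]]$Key)
    # Attacker-side step: turn the command into the hex blob that ends up in the script.
    $secure = ConvertTo-SecureString -String $Command -AsPlainText -Force
    ConvertFrom-SecureString -SecureString $secure -Key $Key
}

function Unprotect-Command {
    param([string]$Blob, [byte[]]$Key)
    # Run-time step performed by the loader, and equally usable by an analyst
    # who has extracted the blob and the key from the script.
    $secure = ConvertTo-SecureString -String $Blob -Key $Key
    $bstr = [Runtime.InteropServices.Marshal]::SecureStringToBSTR($secure)
    try {
        [Runtime.InteropServices.Marshal]::PtrToStringBSTR($bstr)
    } finally {
        [Runtime.InteropServices.Marshal]::ZeroFreeBSTR($bstr)
    }
}

# Harmless stand-in for the command a real loader would hide.
$blob = Protect-Command -Command 'Write-Host "stand-in payload"' -Key $Key
"Blob as it would appear in the script: $blob"

# A loader would finish with: Invoke-Expression (Unprotect-Command -Blob $blob -Key $Key)
# The analyst simply prints the recovered command instead of running it:
Unprotect-Command -Blob $blob -Key $Key
```

For detection, the useful signal is the combination rather than any single call: `ConvertTo-SecureString` with `-Key`, `SecureStringToBSTR` (or `PtrToStringAuto`/`PtrToStringBSTR`) and `Invoke-Expression` appearing together in a script block, which PowerShell Script Block Logging (Event ID 4104) records after the blob has been decoded.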

PowerPool Uses Task Scheduler ALPC Exploit in Recent Attacks

Delaware, USA – September 13, 2018 — At the end of August, SandboxEscaper revealed a Task Scheduler ALPC exploit on GitHub, and just two days later researchers from ESET discovered exploitation of this flaw in the wild. The PowerPool hacker group is conducting a cyber espionage campaign targeting users in the United States, Germany, Great Britain, India […]

Zerodium Publishes Exploit for Tor Browser

Delaware, USA – September 12, 2018 — Zerodium revealed via Twitter a severe vulnerability in the Tor anonymous browser that had existed since May 2017 and affected version 7 of the browser. In fact, the vulnerability was found in the popular NoScript extension for Firefox, which is designed to protect users against malicious scripts while surfing and which is […]

SOC Prime at Baltic Cyber Security Forum 2018

Delaware, USA – September 11, 2018 — This Wednesday, the Baltic Cyber Security Forum will be held for the fifth time in the Baltic countries. The event takes place at Litexpo, Vilnius, Lithuania, and its concept this year is “IN THE SPOTLIGHT”. The forum aims to discuss critical issues of cybersecurity: which direction the […]

Threat Detection Marketplace 3.0 is now LIVE!

Delaware, USA – September 7, 2018 — It was a very busy summer for SOC Prime R&D, and today you can finally try out the updated Threat Detection Marketplace to unlock the full potential of your SOC. The renewed platform provides a real cross-platform experience and makes it possible to focus on threat detection and […]

WindShift APT Attacks Mac Users

Delaware, USA – September 4, 2018 — The WindShift APT group targets employees of government agencies and critical infrastructure companies in the Middle East. The group conducted highly targeted attacks using Mac malware and remained undetected for several years. A report published by a DarkMatter expert describes how WindShift carefully plans operations and collects information […]

Attackers Exploit CVE-2018-11776 in Apache Struts to Infect Servers with Coinminers

Delaware, USA – August 30, 2018 – Last week, several PoC exploits were published for the recently patched vulnerability in Apache Struts (CVE-2018-11776), as well as a Python script that simplifies the attack. The vulnerability allows remote code execution on servers running framework versions from 2.3 to 2.3.34 and from 2.5 […]

PoC of Zero-Day Vulnerability is Published on GitHub

Delaware, USA – August 28, 2018 – The researcher known under the pseudonym SandboxEscaper published on GitHub a proof-of-concept (PoC) for a new zero-day vulnerability in the Microsoft Windows Task Scheduler. Exploiting this vulnerability leads to local privilege escalation and allows a local user to gain SYSTEM privileges. Will Dormann from CERT/CC confirmed the […]

BackSwap Trojan Targets Banks in Spain

Delaware, USA – August 27, 2018 – The BackSwap banking trojan has switched its targeting to Spanish financial organizations. Researchers from ESET discovered this threat in March, and they have now published a report sharing the results of their further monitoring of the trojan. Until recently, BackSwap operators targeted only banks in Poland, but now the trojan is configured […]

MacOS Malware Used in Operation AppleJeus

Delaware, USA – August 24, 2018 – It has become known that the Lazarus group has started using macOS malware in its campaigns. Earlier this week, researchers revealed details of a DarkHotel group operation and a Ryuk ransomware campaign, and now researchers from Kaspersky Lab have reported an attack by the North Korean APT group on […]