CISA Releases Four Industrial Control Systems Advisories

CISA has released four (4) Industrial Control Systems (ICS) advisories on October 27, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisory …

Defeating Guloader Anti-Analysis Technique

Unit 42 researchers recently discovered a Guloader variant that contains a shellcode payload protected by anti-analysis techniques, which are meant to slow human analysts and sandboxes processing this sample. To help speed analysis for this sample and others like it, …

Biden now wants to toughen up chemical sector’s cybersecurity

The White House is adding the chemical sector to a program launched last year to improve cybersecurity capabilities within America’s critical infrastructure industries. The addition makes chemical facilities and manufacturers the fourth sector under the Biden Administration’s Industrial Control Systems …

Raspberry Robin worm part of larger ecosystem facilitating pre-ransomware activity

Microsoft has discovered recent activity indicating that the Raspberry Robin worm is part of a complex and interconnected malware ecosystem, with links to other malware families and alternate infection methods beyond its original USB drive spread. These infections lead to …

Attack Surface Management 2022 Midyear Review – Part 2

The cybersecurity landscape changed significantly in the first half of 2022. In our midyear roundup, Trend Micro researchers examine these changes and their effects on business operations as well as what you need to know about staying protected from online …

DHS Announces New Cybersecurity Performance Goals for Critical Infrastructure

WASHINGTON – Today, the Department of Homeland Security released the Cybersecurity Performance Goals (CPGs), voluntary practices that outline the highest-priority baseline measures businesses and critical infrastructure owners of all sizes can take to protect themselves against cyber threats. The CPGs were …

Medibank now says hackers accessed all its customers’ personal data

Australian insurance firm Medibank has confirmed that hackers accessed all of its customers’ personal data and a large amount of health claims data during a recent ransomware attack. In an announcement published today, the company warned that an internal investigation …

Notorious ‘BestBuy’ hacker arraigned for running dark web market

A notorious British hacker was arraigned on Wednesday by the U.S. Department of Justice for allegedly running the now-defunct ‘The Real Deal’ dark web marketplace. The 34-year-old defendant Daniel Kaye (aka Bestbuy, Spdrman, Popopret, UserL0ser) allegedly ran the illicit …

Feds accuse Ukrainian of renting out PC-raiding Raccoon malware to fiends

Mark Sokolovsky, 26, a Ukrainian national, is being held in the Netherlands while he awaits extradition to America on cybercrime charges, the US Justice Department said on Tuesday. Sokolovsky, said to have used the online names Photix, Raccoon Stealer, and …