News • Insights • Analysis
Berkeley Packet Filtering (BPF) is a kind of technology that allows programs to effectively execute code in the kernels of modern operating systems, such as Linux and Berkeley Software Distribution (BSD) variants. Soon, Windows will also add support for BPF. Read More …
In early September 2022, Kaspersky researchers discovered several new malware samples belonging to the MATA cluster. As they were collecting and analyzing the relevant telemetry data, they realized the campaign had been launched in mid-August 2022 and targeted over a Read More …
Akira is a relatively new ransomware variant with Windows and Linux versions that came out in April 2023. Like many attackers, the gang behind this variant only uses the ransomware to encrypt files after first breaking into a network and Read More …
Included in the September 2023 Patch Tuesday updates was a fix for a vulnerability which has been dubbed ThemeBleed. A Proof-of-Concept (PoC) exploit has been released by Gabe Kirkpatrick, one of the researchers acknowledged for reporting the vulnerability. The Common Read More …
In July 2023, Zscaler ThreatLabz discovered new malicious activity perpetuated by the Pakistan-based advanced persistent threat group (APT36). APT36 is a sophisticated cyber threat group with a history of conducting targeted espionage operations in South Asia. Zscaler ThreatLabz observed APT36 Read More …
In August, FortiGuard Labs obtained a Word document containing a malicious URL designed to entice victims to download a malware loader. This loader employs a binary padding evasion strategy that adds null bytes to increase the file’s size to 400 Read More …
Windows arbitrary file deletion vulnerabilities should no longer be considered mere annoyances or tools for Denial-of-Service (DoS) attacks. Over the past couple of years, these vulnerabilities have matured into potent threats capable of unearthing a portal to full system compromise. Read More …
Picture this: you’ve finally made it past the perimeter of a highly secured organization. You’re feeling pretty pleased with yourself, until you realize you only have Active Directory privileges of a newly hired intern and the thrill trickles away. However, Read More …
As Endpoint Detection and Response (EDR) solutions improve malware detection efficacy on Windows and Linux systems, certain state-sponsored threat actors have shifted to developing and deploying malware on systems that do not generally support EDR such as network appliances, SAN arrays, Read More …
The notorious North Korean state-backed hackers, known as the Lazarus Group, are now targeting vulnerable Windows Internet Information Services (IIS) web servers to gain initial access to corporate networks. Lazarus is primarily financially motivated, with many analysts believing that the Read More …
