Malware & Threats

Malware & Threats

Issued by: Help Net Security

A fourth malware strain wielded by the SolarWinds attackers has been detailed by Symantec researchers, followed by the disclosure of the attackers’ ingenous lateral movement techniques and the release of an auditing script by FireEye researchers that organizations can use to check their Microsoft 365 tenants for signs of intrusion. Then, on Tuesday, Malwarebytes CEO…

Malware & Threats

Issued by: Security Week

Taking advantage of the COVID-19 pandemic, which has forced the broad adoption of telework, cyber-criminals and threat actors are attempting to exploit possible misconfiguration and lack of monitoring for remote network access and user privileges. An observed shift in tactics, the FBI says, is the targeting of all employee credentials, not exclusively of those individuals…

Malware & Threats

Issued by: CSO

Computer Trojans received their name from the infamous mythological horse. The Trojan’s basic mission is to mislead people of its real goal. A Trojan is malicious software that usually needs to be launched by the user or another malicious program. Malicious code typically penetrates the system under the guise of a useful utility or tool….

Malware & Threats

Issued by: Help Net Security

Crowdstrike researchers have documented Sunspot, a piece of malware used by the SolarWinds attackers to insert the Sunburst malware into the company’s Orion software. SolarWinds has also revealed a new timeline for the incident and the discovery of two customer support incidents that they believe may be related to the Sunburst malware being deployed on…

Malware & Threats

Issued by: Help Net Security

2020 has ended with a stunning display of nation-state cyber capabilities. The Kremlin’s SVR shocked the cybersecurity industry and U.S. government with its intrusions into FireEye and the U.S. Office of the Treasury by way of SolarWinds, revealing only traces of its long-term, sophisticated campaigns. These breaches are reminders that no organization is immune to…

Malware & Threats

Issued by: Security Week

The GDPR, which requires organizations to protect the personal data and privacy of EU citizens, came into force in May 2018, and, based on publicly available information, it since resulted in fines totaling more than €250 million (roughly $300 million). Due to the fact that not all fines are publicly reported and due to currency…

Malware & Threats

Issued by: Help Net Security

Cybersecurity is an arms race, with defensive tools and training pushing threat actors to adopt even more sophisticated and evasive intrusion techniques as they attempt to gain a foothold in victim networks. Most modern endpoint protection (EPP) services are capable of easily identifying traditional malware payloads as they are downloaded and saved on the endpoint,…

Malware & Threats

Issued by: Security Week

Initially detailed in February 2020, VBA purging involves the use of VBA source code only within Office documents, instead of the typically compiled code, and ensures better detection evasion. Malicious Office documents have VBA code stored within streams of Compound File Binary Format (CFBF) files, with Microsoft’s specifications on VBA macros (MS-OVBA) storing VBA data…