Tag Archive for: latest

Latest Edition of MITRE Cybersecurity Evaluation Program to Tackle Ransomware, Threats to macOS


Common behaviors associated with ransomware campaigns will be tackled in the sixth round of MITRE Engenuity’s ATT&CK Evaluations, a program that seeks to assess the capabilities and performance of enterprise cybersecurity solutions.

MITRE said Tuesday that applications are already being accepted for the latest round of ATT&CK Evals, whose focus on ransomware stems from the malware type’s persistence as “one of the most significant cybercriminal threats across industry verticals,” according to Amy Robertson, the program’s principal cyber threat intelligence analyst.

Because the Democratic People’s Republic of Korea has been targeting macOS, the latest Evals round will also tackle Apple’s laptop and desktop operating system.

“The DPRK has emerged as a formidable cyber threat, and they have progressively been expanding their focus to macOS as they work to evade international sanctions,” Robertson noted.

For his part, ATT&CK Evals General Manager William Booth said he and his organization were thrilled to expand the scope of the program to include macOS, a move that underscores a “commitment to comprehensive, platform-diverse assessments.”

Results of the evaluations will be released in the fourth quarter of 2024. Those interested in undergoing assessment have until April 30 to apply.


‘Mother of all data breaches’ reported in latest large-scale hack


It’s a shocking number – 26 billion account records were stolen in what’s being called the ‘mother of all data breaches.’

The leak includes popular sites like Dropbox, LinkedIn, Telegram, and Twitter. It was detailed in a report from Cybernews.com and is unsettling for anyone who ever goes online.

“It’s horrible. It’s really horrible,” said Professor Huirong Fu, of Oakland University.

Fu is a founding director of OU’s Center for Cybersecurity. She says this is difficult for consumers who sometimes have no choice but to register their information with companies they want to do business with.

This includes taking birthdays, addresses, and sometimes even Social Security numbers, putting many people between a rock and a hard place.

“We have no choice, if they don’t want to provide this information, they cannot use their platform,” she said. “This is horrible.”

Cybernews.com calls it the “Mother of all Breaches” – 12 terabytes of information. Some companies you’ve likely used,

So can you do anything?

The Federal Trade Commission has some general tips: Secure your devices by keeping security software, internet browser, and operating systems up to date. Protect your accounts, particularly those with personal information, like your bank, email, and social media accounts.

Strong passwords and multi-factor authentication can really help. Also be very circumspect when giving out any personal information to any organization even if you trust them, because the possibility of a hack is always a real threat.



The Latest Innovations in Cybersecurity


The risks to our online security are growing rapidly as technology develops. Because cybercriminals keep finding new ways to exploit vulnerabilities, the cybersecurity industry has to constantly keep up with the latest developments. This article also covers the function of shared proxies and the reasons you might wish to buy shared proxies to provide an extra degree of protection.

1. AI and machine learning, it’s all about smart computers getting even smarter.

In the cybersecurity game, AI and ML are still stealing the show by constantly innovating. They can quickly analyse huge amounts of data to find patterns that may indicate a security breach, so companies with AI and ML in their toolkit can quickly catch any funky trends that might signal a security issue.

2. The Zero Trust Security Model

It’s essentially a strategy that doesn’t automatically trust anything inside or outside its perimeters and instead verifies everything trying to connect to its systems before granting access.

Zero Trust, a rising star in cybersecurity, doesn’t play nice: unlike traditional models that assume trust within a network, it treats every access request as potentially malicious. Everyone trying to get at the goodies has to pass a double-check, cutting down on insider threats and lateral movement by attackers.

3. Extended Detection and Response (XDR)

Extended Detection and Response (XDR) is an innovative strategy that goes beyond conventional Endpoint Detection and Response (EDR) solutions. XDR’s like a super-sleuth, pulling data from everywhere (networks, endpoints, the cloud) to really get to the heart of a company’s security health. This holistic security monitoring helps you spot and fix threats faster.

4. Quantum-Safe Cryptography

With the advent of quantum computing on the horizon, traditional encryption methods face the risk of being compromised. Quantum computing, once fully developed, could easily…


Researchers Unveil GuLoader Malware’s Latest Anti-Analysis Techniques


Dec 09, 2023 | Newsroom | Malware / Cyberattack


Threat hunters have unmasked the latest tricks adopted by a malware strain called GuLoader in an effort to make analysis more challenging.

“While GuLoader’s core functionality hasn’t changed drastically over the past few years, these constant updates in their obfuscation techniques make analyzing GuLoader a time-consuming and resource-intensive process,” Elastic Security Labs researcher Daniel Stepanic said in a report published this week.

First spotted in late 2019, GuLoader (aka CloudEyE) is an advanced shellcode-based malware downloader that’s used to distribute a wide range of payloads, such as information stealers, while incorporating a bevy of sophisticated anti-analysis techniques to dodge traditional security solutions.

A steady stream of open-source reporting into the malware in recent months has revealed the threat actors behind it have continued to improve its ability to bypass existing or new security features alongside other implemented features.

GuLoader is typically spread through phishing campaigns, where victims are tricked into downloading and installing the malware through emails bearing ZIP archives or links containing a Visual Basic Script (VBScript) file.

Israeli cybersecurity company Check Point, in September 2023, revealed that “GuLoader is now sold under a new name on the same platform as Remcos and is implicitly promoted as a crypter that makes its payload fully undetectable by antiviruses.”

One of the recent changes to the malware is an improvement of an anti-analysis technique first disclosed by CrowdStrike in December 2022, which is centered around its Vectored Exception Handling (VEH) capability.

It’s worth pointing out that the mechanism was previously detailed by both McAfee Labs and Check Point in May 2023, with the former stating that “GuLoader employs the VEH mainly for obfuscating the execution flow and to slow down the analysis.”

The method “consists of breaking the…
