Newer Generic Top-Level Domains a Security ‘Nuisance’
Ten years of passive DNS data shows classic TLDs such as .com and .net dominate newer TLDs in popularity and use, new report says. A study into the use and...
Buer Malware Variant Rewritten in Rust Programming Language
Researchers suggest a few reasons why operators rewrote Buer in an entirely new language. Security researchers have identified a new variant of the Buer malware loader rewritten in Rust, a...
Researchers Explore Active Directory Attack Vectors
Incident responders who investigate attacks targeting Active Directory discuss methods used to gain entry, elevate privileges, and control target systems. Active Directory is a massive and complex attack surface that...
New Threat Group Carrying Out Aggressive Ransomware Campaign
UNC2447 observed targeting now-patched vulnerability in SonicWall VPN. Researchers at FireEye Mandiant have observed what they describe as an aggressive new threat group exploiting a recently patched zero-day flaw in...
MITRE Adds MacOS, More Data Types to ATT&CK Framework
Version 9 of the popular threat matrix will improve support for a variety of platforms, including cloud infrastructure. Nonprofit research organization MITRE has released the latest version of its ATT&CK...
Ransomware Task Force Publishes Framework to Fight Global Threat
An 81-page report details how ransomware has evolved, along with recommendations on how to deter attacks and disrupt its business model. The Ransomware Task Force (RTF) this week published a...
7 Modern-Day Cybersecurity Realities
Security pros may be working with a false sense of security. We explore seven places where old methods and techniques have to change to keep their organizations safe. 1...
FluBot Malware’s Rapid Spread May Soon Hit US Phones
The FluBot Android malware has spread throughout several European countries through an SMS package delivery scam. A type of Android malware known as FluBot has been spreading through multiple European...
‘BadAlloc’ Flaws Could Threaten IoT and OT Devices: Microsoft
More than 25 critical memory allocation bugs could enable attackers to bypass security controls in industrial, medical, and enterprise devices. Microsoft today disclosed more than 25 critical memory allocation vulnerabilities...
Adobe Open Sources Tool for Anomaly Research
The One-Stop Anomaly Shop (OSAS) project packages machine-learning algorithms into a Docker container for finding anomalies in security log data. Adobe has released an open source project to detect and...






