Malware

Researchers have found three vulnerabilities in AMI MegaRAC, a baseband management controller (BMC) firmware used by multiple server manufacturers. If exploited, the flaws could allow attackers to remotely control servers, deploy malware and firmware implants, or trigger damaging actions that leave them inoperable. BMCs are microcontrollers present on server motherboards that have their own firmware, dedicated memory, power, and network ports and are used for out-of-band management of servers when their main operating systems are…

Action1 has announced new AI-based threat actor filtering to detect and block abuse of its remote management platform. The cloud-native patch management, remote access, and remote monitoring and management (RMM) firm stated its platform has been upgraded to spot abnormal user behavior and automatically block threat actors to prevent attackers exploiting its tool to carry out malicious activity. The release comes amid a trend of hackers misusing legitimate systems management platforms to deploy ransomware or…

Digital twins are a digital representation of objects, structures or systems that give organizations greater insight into the life cycle of these objects, but this same level of insight and control can also open doors for malicious attackers. Digital twins can be created for any physical infrastructure that includes individual components of an engine, turbine and other equipment, or entire factories, and data centers. “What makes a digital twin different from just your normal model…

Since its creation in 2013, the MITRE ATT&CK framework has been of interest to security operations professionals. In the early years, the security operations center (SOC) team used MITRE as a reference architecture, comparing alerts and threat intelligence nuggets with the taxonomy’s breakdown of adversary tactics and techniques. Based on ESG research, MITRE ATT&CK usage has reached an inflection point. Security teams not only recognize its value as a security operations foundation but also want…

As the frequency and severity of ransomware, phishing, and denial of service attacks has increased, so has demand for cyber insurance. About $6.5 billion in direct written premiums were recorded in 2021, a 61% increase over the prior year, according to an October 2022 memorandum from the National Association of Insurance Commissioners. “Some companies see it as essential to their risk management strategy,” says Heather Engel, managing partner at advisory firm Strategic Cyber Partners. However, experts say…

Palo Alto Networks today rolled out a new Medical IoT Security offering, designed to provide improved visibility, automated monitoring, and more for hitherto vulnerable healthcare IoT frameworks, thanks to machine learning and adherence to zero-trust principles. Medical device security is a serious problem for most organizations in healthcare, with a long string of reported vulnerabilities in the area stretching back for years. Fundamentally, experts agree, a large part of the problem is that many connected…