Malware

VMware Warns Administrators of Critical Carbon Black App Control Flaw

While patches for new vulnerabilities are released nearly every day, it is up to organizations themselves to implement these patches. Organizations are recommended to implement the recommended patch from Vmware as quickly as feasible. All patches are recommended to be tested on selected machines ahead of deployment as per standard enterprise practices. The Threat Hunting and Managed Detection and Response (MDR) services offered by Binary Defense represent an effective way to incorporate a post-exploitation focus…

Read More

Entitle debuts with automated SaaS permissions-management application

Cloud-based permissions management startup Entitle debuted Wednesday with the launch of its namesake SaaS-based application, designed to automate access requests and solve the problem of what it calls the “entitlement sprawl” faced by corporations. Enterprise security teams are confronted with an overwhelming amount of permission requests, the Israel-based company said. “We saw that permission management is becoming a big issue and interviewed heads of security about the challenges with governance and relevance of access,” said…

Read More

Backdoor deployment overtakes ransomware as top attacker action

Deployment of backdoors on networks was the top action attackers made in almost a quarter of all incidents remediated in 2022. “Backdoors led to a notable spike in Emotet cases in February and March. That spike inflated the ranking of backdoor cases significantly, as those deployed in this timeframe account for 47% of all backdoors identified globally throughout 2022,” according to the newly released IBM Security X-Force Threat Intelligence Index. “Increased backdoor deployment may also be due to…

Read More

What is Traffic Light Protocol? Here’s how it supports CISOs in sharing threat data

Traffic Light Protocol (TLP) was created to facilitate greater sharing of potentially sensitive threat information within an organization or business and to enable more effective collaboration among security defenders, system administrators, security managers, and researchers. TLP grew out of efforts by various public-sector security incident response teams of various nations that began sharing security alerts. The protocol was developed so that recipients of threat data could assess its sensitivity and determine how to share it…

Read More

Will ChatGPT start writing killer malware?

AI-pocalypse soon? As stunning as ChatGPT’s output can be, should we also expect the chatbot to spit out sophisticated malware? ChatGPT didn’t write this article – I did. Nor did I ask it to answer the question from the title – I will. But I guess that’s just what ChatGPT might say. Luckily, there are some grammar errors left to prove I’m not a robot. But that’s just the kind of thing ChatGPT might do…

Read More

The ultimate guide to malware

What is malware? Malware is a fast-growing, ever-evolving threat to cyber security. In the first six months of 2022, over 2.8 billion malware attacks were reported worldwide. Beyond risks to their network, malware like ransomware can have real, monetary costs for businesses. In 2021, damages of ransomware alone cost US$20bn. This was a 6054 percent increase on the global cost of ransomware in 2015, which was $325mn. This is only predicted to increase, with the…

Read More

Hardbit Ransomware Asks for Insurance Details

To protect against ransomware attacks, organizations should:• Regularly back up data, air gap, and password protect backup copies offline.• Ensure copies of critical data are not accessible for modification or deletion• Implement network segmentation.• Implement a recovery plan to maintain and retain multiple copies of sensitive or proprietary data and servers in a physically separate, segmented, secure location• Install updates/patch operating systems, software, and firmware as soon as possible• Implement monitoring of security events on…

Read More

New Information Stealer, “Stealc,” Actively Used in the Wild

Binary Defense has regularly covered info stealer malware. While the user experience for Stealc seems to be particularly well developed and therefore lends itself to rapid adoption as a Malware as a Service offering (MaaS), the techniques and behaviors this malware uses are not novel. Keeping Detection and Response systems (EDR/MDR/XDR/etc.) up-to-date will go a long ways discovering campaigns like this. Additionally, netflow analysis and DNS monitoring can help detect C2 and exfiltration activity. This…

Read More

Alcatraz AI streamlines facial recognition access control with mobile update

Access control provider Alcatraz AI is adding web-based, mobile enrollment and privacy consent management to its flagship facial authentication product, the Rock, to enhance building security and ease employee and visitor registration. The Rock includes an edge device installed near the doors to buildings and secure areas, using 3D facial mapping and machine learning analytics for facial  authentication. The update adds mobile enrollment to the system to streamline onboarding by allowing new employees and visitors…

Read More

Cyber arms race, economic headwinds among top macro cybersecurity risks for 2023

Despite the billions of dollars poured annually into cybersecurity by investors, organizations, academia, and government, adequate and reliable cybersecurity remains an ever-elusive goal. The technological complexity and growing attack surface, along with a growing array of threat actors and increased interconnectivity, make securing digital systems and assets a perennial pipedream. Chief among the challenges for decision-makers and experts is simply identifying and comprehending society’s cybersecurity risks. One organization, the Washington, DC-based think tank Bipartisan Policy…

Read More