Credit to Author: Jon Clay| Date: Tue, 29 Mar 2022 00:00:00 +0000
Learn more about cloud-based cryptomining, its repercussions, and how CISOs can create an effective risk mitigation strategy for this threat.
Read moreCredit to Author: Christopher Boyd| Date: Tue, 29 Mar 2022 11:21:57 +0000
We take a look at how people up to no good in the digital realm often make small mistakes which bring major consequences.
The post Looking over your shoulder: when small mistakes have big consequences appeared first on Malwarebytes Labs.
Read moreCredit to Author: Pieter Arntz| Date: Tue, 29 Mar 2022 10:27:03 +0000
Satellites have become a main link in communications, and given some recent events it has become clear why we consider them to be critical infrastructure.
The post Satellites are critical infrastructure and need to be cybersecured appeared first on Malwarebytes Labs.
Read more
Credit to Author: Mayra Rosario Fuentes| Date: Tue, 29 Mar 2022 00:00:00 +0000
One of the recent trends we’ve observed is the rise of cloud-based cryptocurrency-mining groups that exploit cloud resources, specifically the CPU power of deployed cloud instances, to mine cryptocurrency.
Read more
FortiGuard Labs discovered a spearphishing email for a Ukrainian fuel company with an attached invoice—seemingly from another fuel provider—that contains the IcedID Trojan. Read to learn more about the infection process and subsequent malware deployment by the threat actors behind IcedID.
Credit to Author: Susan Bradley| Date: Mon, 28 Mar 2022 09:27:00 -0700
We’re told that one of the best ways to stay secure is to make sure our computers are patched. But we need to always be aware that at any given time, there are several vulnerabilities probably known and in use by attackers. The good news is that the number of days between when a bug is identified and when it’s patched is slowly going down, according to the Google Project Zero. It tracks how long it’s taking vendors to patch bugs and found that “in 2021, vendors took an average of 52 days to fix security vulnerabilities reported from Project Zero. This is a significant acceleration from an average of about 80 days [three] years ago.”
Credit to Author: Malwarebytes Labs| Date: Mon, 28 Mar 2022 15:40:41 +0000
In 2017, a former NSA contractor named Reality Winner was arrested for allegedly leaking an internal report to the online news outlet The Intercept. To verify the report itself, a journalist for The Intercept sent an image of the report to the NSA, but upon further inspection, it was revealed that the image was actually…
The post Telling stories securely, with Runa Sandvik: Lock and Code S03E07 appeared first on Malwarebytes Labs.
Read more
Credit to Author: Michael Langford| Date: Mon, 28 Mar 2022 00:00:00 +0000
A fundamental challenge of architecture built using tools like Terraform is configuration drift. Check out these actionable strategies and steps you can take to detect and mitigate Terraform drift and manage any drift issues you might face.
Read more
Credit to Author: Paul Ducklin| Date: Mon, 28 Mar 2022 14:18:59 +0000
CVE-2022-1096 – another mystery in-the-wild 0-day in Chrome… check your version now!
Read moreCredit to Author: Jovi Umawing| Date: Mon, 28 Mar 2022 13:42:54 +0000
Google’s rolled out a patch for Chrome that affects the V8 JavaScript engine. This high-severity flaw is currently being exploited.
The post Update now! Google releases emergency patch for Chrome zero-day used in the wild appeared first on Malwarebytes Labs.
Read more