Earth Preta Evolves its Attacks with New Malware and Strategies

Credit to Author: Lenart Bermejo| Date: Mon, 09 Sep 2024 00:00:00 +0000

In this blog entry, we discuss our analysis of how Earth Preta has enhanced its attacks, introducing new tools, malware variants, and strategies into its worm-based attacks and its time-sensitive spear-phishing campaign.


TIDRONE Targets Military and Satellite Industries in Taiwan

Credit to Author: Pierre Lee| Date: Fri, 06 Sep 2024 00:00:00 +0000

Our research reveals that an unidentified threat cluster we named TIDRONE has shown significant interest in military-related industry chains, particularly in the manufacturers of drones.


Banking Trojans: Mekotio Looks to Expand Targets, BBTok Abuses Utility Command

Credit to Author: Mhica Romero| Date: Thu, 05 Sep 2024 00:00:00 +0000

The notorious Mekotio and BBTok are having a resurgence, targeting Latin American users. Mekotio’s latest variant suggests the gang behind it is broadening its targets, while BBTok is seen abusing MSBuild.exe to evade detection.


How AI Goes Rogue

Credit to Author: AI Team| Date: Tue, 03 Sep 2024 00:00:00 +0000

This is the second blog in an ongoing series on Rogue AI. Keep following for more technical guidance, case studies, and insights.


Threat Actors Target the Middle East Using Fake Palo Alto GlobalProtect Tool

Credit to Author: Mohamed Fahmy| Date: Thu, 29 Aug 2024 00:00:00 +0000

Threat actors are targeting users in the Middle East by distributing sophisticated malware disguised as the Palo Alto GlobalProtect tool.


AI Pulse: Sticker Shock, Rise of the Agents, Rogue AI

Credit to Author: AI Team| Date: Thu, 29 Aug 2024 00:00:00 +0000

This issue of AI Pulse is all about agentic AI: what it is, how it works, and why security needs to be baked in from the start to prevent agentic AI systems from going rogue once they’re deployed.


Cryptojacking via CVE-2023-22527: Dissecting a Full-Scale Cryptomining Ecosystem

Credit to Author: Abdelrahman Esmail| Date: Wed, 28 Aug 2024 00:00:00 +0000

A technical analysis of how CVE-2023-22527 can be exploited by malicious actors for cryptojacking attacks that can spread across the victim’s system.
