How to Deploy Generative AI Safely and Responsibly

Credit to Author: Shannon Murphy| Date: Fri, 23 Jun 2023 00:00:00 +0000

New uses for generative AI are being introduced every day—but so are new risks.

Read more

Generative AI Assistant Makes Hunting Threats Faster

Credit to Author: Shannon Murphy| Date: Tue, 20 Jun 2023 00:00:00 +0000

Learn how analysts can search for threats with greater accuracy, speed, and effectiveness.

Read more

SeroXen Mechanisms: Exploring Distribution, Risks, and Impact

Credit to Author: Peter Girnus| Date: Tue, 20 Jun 2023 00:00:00 +0000

This is the third installment of a three-part technical analysis of the fully undetectable (FUD) obfuscation engine BatCloak and SeroXen malware. In this entry, we document the techniques used to spread and abuse SeroXen, as well as the security risks, impact, implications of, and insights into highly evasive FUD batch obfuscators.

Read more

Analyzing the FUD Malware Obfuscation Engine BatCloak

Credit to Author: Peter Girnus| Date: Fri, 09 Jun 2023 00:00:00 +0000

We look into BatCloak engine, its modular integration into modern malware, proliferation mechanisms, and interoperability implications as malicious actors take advantage of its fully undetectable (FUD) capabilities.

Read more

Rust-Based Info Stealers Abuse GitHub Codespaces

Credit to Author: Nitesh Surana| Date: Fri, 19 May 2023 00:00:00 +0000

This is the first part of our security analysis of an information stealer targeting GitHub Codespaces (CS) that discusses how attackers can abuse these cloud services for a variety of malicious activities.

Read more

Lemon Group’s Cybercriminal Businesses Built on Preinfected Devices

Credit to Author: Fyodor Yarochkin| Date: Wed, 17 May 2023 00:00:00 +0000

An overview of the Lemon Group’s use of preinfected mobile devices, and how this scheme is potentially being developed and expanded to other internet of things (IoT) devices. This research was presented in full at the Black Hat Asia 2023 Conference in Singapore in May 2023.

Read more

8220 Gang Evolves With New Strategies

Credit to Author: Sunil Bharti| Date: Tue, 16 May 2023 00:00:00 +0000

We observed the threat actor group known as “8220 Gang” employing new strategies for their respective campaigns, including exploits for the Linux utility “lwp-download” and CVE-2017-3506, an Oracle WebLogic vulnerability.

Read more

Attackers Use Containers for Profit via TrafficStealer

Credit to Author: Alfredo Oliveira| Date: Wed, 26 Apr 2023 00:00:00 +0000

We found TrafficStealer abusing open container APIs in order to redirect traffic to specific websites and manipulate engagement with ads.

Read more

ViperSoftX Updates Encryption, Steals Data

Credit to Author: Don Ovid Ladores| Date: Mon, 24 Apr 2023 00:00:00 +0000

We observed cryptocurrency and information stealer ViperSoftX evading initial loader detection and making its lure more believable by making the initial package loader via cracks, keygens, activators, and packers non-malicious. We also noted more sophisticated encryption and basic anti-analysis techniques, such as byte remapping and web browser communication blocking.

Read more