How the EU Cyber Resilience Act Impacts Manufacturers

Credit to Author: Jon Clay| Date: Tue, 12 Dec 2023 00:00:00 +0000

EU’s Cyber Resilience Act urges vendors to embrace security-by-design, establishing standards in global tech protocols.

Read more

TrickBot & Conti Sanctions: Implications for CISOs & Boardrooms

Credit to Author: Ed Cabrera| Date: Fri, 08 Sep 2023 00:00:00 +0000

Discover what the increased regulatory risk due to recent US and UK sanctions imposed on TrickBot and Conti cybercriminals mean for CISOs and board members.

Read more

ChatGPT Shared Links and Information Protection: Risks and Measures Organizations Must Understand

Credit to Author: Matsukawa Bakuei| Date: Wed, 05 Jul 2023 00:00:00 +0000

Since its initial release in late 2022, the AI-powered text generation tool known as ChatGPT has been experiencing rapid adoption rates from both organizations and individual users. However, its latest feature, known as Shared Links, comes with the potential risk of unintentional disclosure of confidential information.

Read more

Malvertising Used as Entry Vector for BlackCat, Actors Also Leverage SpyBoy Terminator

Credit to Author: Lucas Silva| Date: Fri, 30 Jun 2023 00:00:00 +0000

We found that malicious actors used malvertising to distribute malware via cloned webpages of legitimate organizations. The distribution involved a webpage of the well-known application WinSCP, an open-source Windows application for file transfer. We were able to identify that this activity led to a BlackCat (aka ALPHV) infection, and actors also used SpyBoy, a terminator that tampers with protection provided by agents.

Read more

Abusing Web Services Using Automated CAPTCHA-Breaking Services and Residential Proxies

Credit to Author: Joey Costoya| Date: Thu, 25 May 2023 00:00:00 +0000

This blog entry features three case studies that show how malicious actors evade the antispam, antibot, and antiabuse measures of online web services via residential proxies and CAPTCHA-breaking services.

Read more

In Review: What GPT-3 Taught ChatGPT in a Year

Credit to Author: Vincenzo Ciancaglini| Date: Tue, 21 Feb 2023 00:00:00 +0000

Amidst the uproar and opinions since November 2022, we look at the possibilities and implications of what OpenAI’s ChatGPT presents to the cybersecurity industry using a comparison to earlier products, like its predecessor GPT-3.

Read more

Earth Kitsune Delivers New WhiskerSpy Backdoor via Watering Hole Attack

Credit to Author: Joseph C Chen| Date: Fri, 17 Feb 2023 00:00:00 +0000

We discovered a new backdoor which we have attributed to the advanced persistent threat actor known as Earth Kitsune, which we have covered before. Since 2019, Earth Kitsune has been distributing variants of self-developed backdoors to targets, primarily individuals who are interested in North Korea.

Read more