FBI and CISA warn of APT groups exploiting ADSelfService Plus

APT actors are exploiting a recently-discovered flaw in ManageEngine’s self-service password management product.

Kimsuky APT continues to target South Korean government using AppleSeed backdoor

Kimsuky, the North Korean threat actor active since 2012, is still targeting the South Korean government. We take a look at the phishing infrastructure and command and control mechanisms of this APT.

Lazarus APT conceals malicious code within BMP image to drop its RAT

The North Korean APT uses a clever technique to bypass security products by embedding one of its payloads as a BMP image.


Microsoft Exchange attacks cause panic as criminals go shell collecting

The ProxyLogon vulnerability in Microsoft Exchange has moved from an Advanced Persistent Threat to cybercrime’s new toy in record time.

Defending online anonymity and speech with Eva Galperin: Lock and Code S02E03

On Lock and Code, we talk to Eva Galperin, director of cybersecurity for EFF, about the importance of defending online anonymity and speech.

SolarWinds advanced cyberattack: What happened and what to do now

Possibly the largest hacking operation of 2020 was just unveiled. In this blog we share what we know and what you should do right now.

Silent Librarian APT right on schedule for 20/21 academic year

As expected, this Iranian APT set up a new campaign to target universities around the world when schools and universities went back.

Release the Kraken: Fileless injection into Windows Error Reporting service

We discovered a new attack that injected its payload—dubbed “Kraken”—into the Windows Error Reporting (WER) service as a defense evasion mechanism.


Lock and Code S1Ep15: Safely using Google Chrome Extensions with Pieter Arntz

This week on Lock and Code, we talk to Pieter Arntz, malware intelligence researcher for Malwarebytes, about Google Chrome extensions.

A week in security (July 20 – 26)

A roundup of cybersecurity news from July 20 – 26, including Deepfakes, Bluetooth technology, and APT groups.
