Cybersecurity hiring and retention challenges in 2023
Scott Scheppers, chief experience officer for AT&T Cybersecurity, weighs on how his team is addressing the cybersecurity talent shortage. This is part one of a two-part blog. The boundaries between the physical and digital worlds are decreasing. The Internet of things (IoT), artificial intelligence, blockchain technology, and virtual reality are buzzwords that have already made […]
Popping Blisters for research: An overview of past payloads and exploring recent developments
Authored by Mick Koomen Summary Blister is a piece of malware that loads a payload embedded inside it. We provide an overview of payloads dropped by the Blister loader based on 137 unpacked samples from the past one and a half years and take a look at recent activity of Blister. The overview shows that […]
CMD+CTRL Training: Q4 2023 Release in Review – post by LinkCyb
Q4 CMD+CTRL UPDATE: 3 NEW COURSES AND 10 NEW LABS Security Innovation is proud to add thirteen new courses and labs to the CMD+CTRL training catalog for Q4 2023. Concentrating primarily on alternative development methods, the next generation of Web Application Firewall, Secure Coding labs based on CWE Top 25 vulnerabilities, and MITRE ATT&CK® Enterprise […]
From ERMAC to Hook: Investigating the technical differences between two Android malware variants
Authored by Joshua Kamp (main author) and Alberto Segura. Summary Hook and ERMAC are Android based malware families that are both advertised by the actor named “DukeEugene”. Hook is the latest variant to be released by this actor and was first announced at the start of 2023. In this announcement, the actor claims that Hook […]
Mind the (Interpretation) gap: Another reason why threat modeling is important
The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. Where do vulnerabilities fit with respect to security standards and guidelines? Was it a coverage issue or an interpretation and implementation issue? Where […]
Irish Police Data Breach Rattles Northern Ireland’s Security Landscape
By Habiba Rashid The Police Service of Northern Ireland (PSNI) experienced a severe security breach, unintentionally revealing personal details of its entire workforce, including officers and civilian staff. This is a post from HackRead.com Read the original post: Irish Police Data Breach Rattles Northern Ireland’s Security Landscape
Rust-Based Injector Deploys XWorm and Remcos RAT in Multi-Stage Attack
By Waqas FortiGuard Labs Reveals Insights into Recent Surge of Cyberattacks Utilizing Rust Programming Language. This is a post from HackRead.com Read the original post: Rust-Based Injector Deploys XWorm and Remcos RAT in Multi-Stage Attack
Collide+Power, Downfall, and Inception: New Side-Channel Attacks Affecting Modern CPUs
Cybersecurity researchers have disclosed details of a trio of side-channel attacks that could be exploited to leak sensitive data from modern CPUs. Called Collide+Power (CVE-2023-20583), Downfall (CVE-2022-40982), and Inception (CVE-2023-20569), the novel methods follow the disclosure of another newly discovered security vulnerability affecting AMD’s Zen 2 architecture-based processors known as
China-Linked Hackers Strike Worldwide: 17 Nations Hit in 3-Year Cyber Campaign
Hackers associated with China’s Ministry of State Security (MSS) have been linked to attacks in 17 different countries in Asia, Europe, and North America from 2021 to 2023. Cybersecurity firm Recorded Future attributed the intrusion set to a nation-state group it tracks under the name RedHotel (previously Threat Activity Group-22 or TAG-222), which overlaps with a cluster […]
X-Force releases detection & response framework for managed file transfer software – post by LinkCyb
How AI can help defenders scale detection guidance for enterprise software tools If we look back at mass exploitation events that shook the security industry like Log4j, Atlassian, and Microsoft Exchange when these solutions were actively being exploited by attackers, the exploits may have been associated with a different CVE, but the detection and response […]