Tags → #stories

Analysis of AsyncRAT Malware Infection Methods

A threat intelligence analyst has detailed the methods used to distribute AsyncRAT malware, highlighting two distinct techniques involving obfuscated scripts and PowerShell commands to facilitate remote access and maintain persistence on infected systems.
Analysis of macOS Sandbox Vulnerabilities and Security Concerns

An analysis of macOS security vulnerabilities reveals concerns about the limitations of the operating system's sandbox environment and highlights several newly discovered sandbox escape vulnerabilities.
CVE and CVSS: Key Components of Cybersecurity Management

Common Vulnerabilities and Exposures (CVE) and the Common Vulnerability Scoring System (CVSS) are essential tools in cybersecurity for identifying, managing, and prioritizing vulnerabilities.
Limitations of VPNs in Cloud-Based Work Environments

The rise of cloud services and remote work is highlighting the limitations of traditional VPNs, prompting organizations to explore alternatives like Software-Defined Perimeter (SDP) and Secure Access Service Edge (SASE) for enhanced security and performance.
New Android Banking Trojan "AMEXTROLL" Identified

Cyble Research Labs has identified a new Android Banking Trojan malware named "AMEXTROLL," which is being advertised on underground cybercrime forums and has evolved significantly since its initial detection in 2021.
New Phishing Campaign Distributes Remcos Remote Access Trojan

Fortinet's FortiGuard Labs has identified a new phishing campaign that distributes a variant of the Remcos Remote Access Trojan, targeting Windows systems through deceptive emails containing a malicious Excel document.
Ransomware Attack Reported by Cisco Talos Incident Response

On November 7, 2024, Cisco Talos Incident Response reported a significant ransomware attack attributed to the Interlock ransomware group, which utilized advanced tactics including big-game hunting and double extortion.
Resurgence of Fakebat Malware Loader Detected in Ads

Cybersecurity experts have reported a resurgence of the malware loader Fakebat, identified through a malicious Google advertisement for the productivity application Notion.
Veeam Backup Vulnerability Exploited in Ransomware Attacks

A security vulnerability in Veeam Backup & Replication, identified as CVE-2024-40711, has been exploited in ransomware attacks by various groups, allowing unauthorized remote code execution on affected servers.
Wordfence Bug Bounty Program Addresses WPLMS Vulnerability

The Wordfence Bug Bounty Program is currently hosting the Cybersecurity Month Spooktacular Haunt and WordPress Superhero Challenge to encourage researchers to identify vulnerabilities in WordPress plugins and themes, with a significant submission revealing a critical vulnerability in the WPLMS theme.