SC Magazine

Microsoft, FireEye Link New Go-based Sunshuttle Malware to SolarWinds Attack

Microsoft, who is now tracking this hacker group as Nobelium, said it discovered three new samples of malware apparently active in some compromised customer networks between August and September 2020.

Denial-of-service vulnerability found in Eclipse Jetty

Researchers on Tuesday found a denial-of-service (DoS) vulnerability tracked as CVE-2020-27223 in Eclipse Jetty, a widely-used open source web server and servlet container.

Microsoft makes CodeQL queries public post SolarWinds attack

Microsoft has won praise from security researchers by making its CodeQL queries public so any organization could use the open source tools to analyze if they experienced any vulnerabilities from the SolarWinds or similar supply chain attacks.

Top security leaders express concern over lack of cyber protection

78% percent of senior IT and security leaders believe their organizations lack sufficient protection against cyberattacks, according to research by IDG Research Services on behalf of Insight.

Data protection companies Arcserve and StorageCraft to merge

Arcserve and StorageCraft both sell a range of data management and protection services, including data backup, disaster recovery and business continuity, email archiving, and ransomware protection.
February 24, 2021

Newly Discovered LazyScripter Threat Group Targets the IATA Members, Airlines, and Refugees to Canada

MalwareBytes reported a newly discovered threat group named LazyScripter targeting the International Air Transport Association (IATA) members, airlines, and refugees to Canada.

Corporate and Personal Data at Risk Due to Zero-Day Vulnerabilities in VFairs and 6Connex

Researchers at Huntress have uncovered software flaws and misconfigurations in two of the top five virtual event platforms: VFairs, with customers like Ford, T-Mobile, IEEE and Pearson, and 6Connex.
February 24, 2021

Cisco points to new tier of APT actors that behave more like cybercriminals

A new analysis of pro-Russian hackers Gamaredon by Cisco Talos suggests that maybe it is time to start thinking of hacker groups as more than either advanced persistent threat or criminal attackers.

Phishing campaign alters prefix in emailed hyperlinks to bypass defenses

Threat hunters say they’ve seen a concerted rise in the use of a phishing tactic designed to bypass traditional email defenses by subtly changing the prefixes of malicious URLs in hyperlinks.

Second malware strain primed to attack Apple’s new M1 chip identified

Researchers from Red Canary said that while Silver Sparrow malware has not released any malicious payloads yet, it’s poised to unload malicious payloads at a moment's notice.

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.

Trending Tags