Blog
Predator Spyware Roars Back with New Infrastructure, Evasive Tactics
Researchers have warned of the resurgence of Predator spyware, previously thought to be inactive due to sanctions and exposure, thanks to new infrastructure and evasive tactics.
New PIXHELL Attack Exploits Screen Noise to Exfiltrates Data from Air-Gapped Computers
A new side-channel attack dubbed PIXHELL could be abused to target air-gapped computers by breaching the "audio gap" and exfiltrating sensitive information by taking advantage of the noise generated by the pixels on the screen. "Malware in the air-gap and audio-gap...
Shining a Light on Shadow Apps: The Invisible Gateway to SaaS Data Breaches
Shadow apps, a segment of Shadow IT, are SaaS applications purchased without the knowledge of the security team. While these applications may be legitimate, they operate within the blind spots of the corporate security team and expose the company to attackers. Shadow...
Chinese APT Group Abuses Visual Studio Code to Target Government in Asia
Chinese APT group Stately Taurus exploited Visual Studio Code to target government entities in Southeast Asia for cyberespionage. They utilized the software's reverse shell feature to infiltrate networks, a technique first detected in 2023.
Mustang Panda Deploys Advanced Malware to Spy on Asia-Pacific Governments
The threat actor tracked as Mustang Panda has refined its malware arsenal to include new tools in order to facilitate data exfiltration and the deployment of next-stage payloads, according to new findings from Trend Micro. The cybersecurity firm, which is monitoring...
Underground Demand for Malicious LLMs is Robust
The underground market for malicious large language models (LLMs) is thriving, according to researchers from Indiana University Bloomington. They found 212 malicious LLMs for sale from April through September 2024.
Spyware Vendors’ Nebulous Ecosystem Helps Them Evade Sanctions
Spyware vendors have developed a complex ecosystem that enables them to evade sanctions effectively by utilizing a network of interconnected entities across various jurisdictions.
Homeland Security Hopes to Scuttle Maritime Cyber-Threats
The U.S. Department of Homeland Security (DHS) has issued a request for information to assess the security of technology at ports in order to develop a Maritime Port Resiliency and Security Research Testbed.
Lazarus Group Targets Blockchain Pros with Fake Video Conferencing, Job Scam
The Lazarus Group, known for financially motivated cyber campaigns, is targeting blockchain professionals through fake job offers and fraudulent video conferencing applications.
New RAMBO Attack Uses RAM Radio Signals to Steal Data from Air-Gapped Networks
A novel side-channel attack has been found to leverage radio signals emanated by a device's random access memory (RAM) as a data exfiltration mechanism, posing a threat to air-gapped networks. The technique has been codenamed RAMBO by Dr. Mordechai Guri, the head of...
FREE GUIDE