Cyber Defense Advisors

Month: March 2023

BlackLotus Malware Hijacks Windows Secure Boot Process

Researchers have discovered malware that “can hijack a computer’s boot process even when Secure Boot and other advanced protections are enabled and running on fully updated versions of Windows.” Dubbed BlackLotus, the malware is what’s known as a UEFI bootkit. These sophisticated pieces of malware target the UEFI—short for Unified Extensible Firmware Interface—the low-level and […]

Cyber News, Cyber Threat Trends
  • March 8, 2023

Syxsense Platform: Unified Security and Endpoint Management

As threats grow and attack surfaces get more complex, companies continue to struggle with the multitude of tools they utilize to handle endpoint security and management. This can leave gaps in an enterprise’s ability to identify devices that are accessing the network and in ensuring that those devices are compliant with security policies. These gaps […]

Cyber News, Cyber Threat Trends

Just 10% of Firms Can Resolve Cloud Threats in an Hour

Tool bloat is making it harder to detect and contain attacks

Cyber News, Cyber Threat Trends
  • March 7, 2023

SYS01stealer: New Threat Using Facebook Ads to Target Critical Infrastructure Firms

Cybersecurity researchers have discovered a new information stealer dubbed SYS01stealer targeting critical government infrastructure employees, manufacturing companies, and other sectors. “The threat actors behind the campaign are targeting Facebook business accounts by using Google ads and fake Facebook profiles that promote things like games, adult content, and cracked software, etc. to lure

Cyber News, Cyber Threat Trends

New National Cybersecurity Strategy

Last week the Biden Administration released a new National Cybersecurity Strategy (summary here). There is lots of good commentary out there. It’s basically a smart strategy, but the hard parts are always the implementation details. It’s one thing to say that we need to secure our cloud infrastructure, and another to detail what that means […]

Cyber News, Cyber Threat Trends
  • March 6, 2023

Core Members of DoppelPaymer Ransomware Gang Targeted in Germany and Ukraine

Law enforcement authorities from Germany and Ukraine have targeted suspected core members of a cybercrime group that has been behind large-scale attacks using DoppelPaymer ransomware. The operation, which took place on February 28, 2023, was carried out with support from the Dutch National Police (Politie) and the U.S. Federal Bureau of Investigation (FBI), according to […]

Cyber News, Cyber Threat Trends

LastPass releases new security incident disclosure and recommendations

LastPass attacks began with a hacked employee’s home computer. The investigation now reveals the password manager company’s data vault was compromised. The post LastPass releases new security incident disclosure and recommendations appeared first on TechRepublic.

Cyber News, Cyber Threat Trends
  • March 5, 2023

AWS GetCallerIdentity By My User Wrong IP and User Agent — AWS CloudShell

Saw something curious today in my logs. Continue reading on Bugs That Bite »

Cyber News, Cyber Threat Trends

Friday Squid Blogging: We’re Almost at Flying Squid Drones

Researchers are prototyping multi-segment shapeshifter drones, which are “the precursors to flying squid-bots.” As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here.

Cyber News, Cyber Threat Trends