Blog
-
Strengthening open source: A roadmap to enhanced cybersecurity
Strengthening open source: A roadmap to enhanced cybersecurity============================================================== Rudy Sulgan/Getty | Get the latest federal technology news delivered to your…
-
How to Protect Your Environment From the NTLM Vulnerability
* [Endpoint Security](/endpoint-security)* [Сloud Security](/cloud-security)* [Vulnerabilities -& Threats](/vulnerabilities-threats)* [Cybersecurity Operations](/cybersecurity-operations)[News, news analysis, and commentary on…
-
LockBit Ransomware Developer Arrested in Israel
* [Cyberattacks -& Data Breaches](/cyberattacks-data-breaches)* [Threat Intelligence](/threat-intelligence)* [Cybersecurity Operations](/cybersecurity-operations)LockBit Ransomware Developer Arrested in Israel LockBit Ransomware Developer Arrested in Israel===============================================================================================Dual…
-
Vulnerability & Patch Roundup – November 2024
* [Security Advisory](https://blog.sucuri.net/category/security-advisory)* [Security Education](https://blog.sucuri.net/category/security-education)* [WordPress Security](https://blog.sucuri.net/category/wordpress-security)Vulnerability -& Patch Roundup — November 2024================================================ [Sucuri Malware Research Team](https://blog.sucuri.net/author/malware-research)* December 20, 2024…
-
Now You See Me, Now You Dont: Using LLMs to Obfuscate Malicious JavaScript
This article discusses an adversarial machine learning algorithm that uses large language models (LLMs) to generate novel variants of malicious…
-
BellaCPP: Discovering a new BellaCiao variant written in C++
A new C++ variant of the BellaCiao malware, dubbed BellaCPP, has been discovered by researchers. This variant shares similarities with…
-
Rspack npm Packages Compromised with Crypto Mining Malware in Supply Chain Attack
Two npm packages, @rspack/core and @rspack/cli, were compromised in a supply chain attack, allowing the publication of malicious versions containing…
-
Recent Cases of Watering Hole Attacks, Part 1
This analysis focuses on a watering hole attack targeting a Japanese university research laboratory website in 2023. The attack used…
-
Threat Actors Hijack Misconfigured Servers for Live Sports Streaming
Aqua Nautilus researchers uncovered a new attack vector where threat actors exploit misconfigured JupyterLab and Jupyter Notebook applications to hijack…
-
Earth Koshchei Coopts Red Team Tools in Complex RDP Attacks
Earth Koshchei, an APT group suspected to be sponsored by the Russian SVR, executed a large-scale rogue RDP campaign targeting…