ZDNet RSS Feed:
- The spyware had previously been associated with malicious installers and MBR bootkits.
- Concert tickets are no longer the most coveted items on a reseller's list.
- Surveillance isn't just the purview of nation-states and government agencies — it's often closer to home.
- The suspect was reportedly upset over handsets being used to spread "immoral content."
- The APT was one of many groups that took part in the Microsoft Exchange Server hacks.
Dark Reading RSS Feed:
- Russian national Aleksi Burkov was sentenced to nine years in prison for his operation of two websites facilitating payment card fraud.
- FinFisher (aka FinSpy) surveillance software now goes to extreme lengths to duck analysis and discovery, researchers found in a months-long investigation.
- Teams that remain reactive will always be on the back foot — take an active stance.
- New high-security padlocks integrate with easy-to-use software solution to offer security and cloud-based simplicity.
- Rather than fight against tighter security regulations, MSPs and IT pros should step up to lead conversations about the future of their industry.
Packetstorm RSS Feed:
RSS Error: WP HTTP Error: cURL error 7: Failed to connect to packetstormsecurity.com port 443: Connection timed out
Threatpost RSS Feed:
- A 'nearly impossible to analyze' version of the malware sports a bootkit and 'steal-everything' capabilities.
- The unredacted RCE exploit allows unauthenticated, remote attackers to upload files to the vCenter Server analytics service.
- Microsoft is warning that the Nobelium APT is compromising single-sign-on servers to install a post-exploitation backdoor that steals data and maintains network persistence.
- The spoofed email has targeted close to 75K inboxes, slipping past spam and security controls across Office 365, Google Workspace, Exchange, Cisco ESA and more.
- Ekaterina Kilyusheva, head of the Information Security Analytics Research Group at Positive Technologies, offers a blueprint for locking up the fortress.