Articles

Today, 94% of organizations are using cloud technology, and this swift evolution to the cloud means security teams are handling more data and more alerts than ever. Additionally, threats and attacks are only increasing in frequency (it’s estimated that a cyber attack occurs every 11 seconds) and sophistication. But more often than not, security teams are overwhelmed because they don’t have the right tools and approaches to handle modern threat detection at scale.

Security team leaders should have updated tools and approaches to help them protect their organization, and the best approach they can take is to adopt detection-as-code. Here’s more about detection-as-code and its benefits, as well as some best practices to help you succeed as you begin to use detection-as-code in your security approach.

Article source: DZONE

Cybersecurity researchers have discovered a new emerging IoT botnet threat that leverages compromised smart devices to stage ‘distributed denial-of-service’ attacks, potentially triggered on-demand through platforms offering DDoS-for-hire services. The botnet, named “dark_nexus” by Bitdefender researchers, works by employing credential stuffing attacks against a variety of devices, such as
Article source: The Hacker News

Cybersecurity researchers today uncovered a sustained malicious campaign dating back to May 2018 that targets Windows machines running MS-SQL servers to deploy backdoors and other kinds of malware, including multi-functional remote access tools (RATs) and cryptominers. Named “Vollgar” after the Vollar cryptocurrency it mines and its offensive “vulgar” modus operandi, researchers at Guardicore
Article source: The Hacker News

International hotel chain Marriott today disclosed a data breach impacting nearly 5.2 million hotel guests, making it the second security incident to hit the company in recent years. “At the end of February 2020, we identified that an unexpected amount of guest information may have been accessed using the login credentials of two employees at a franchise property,” Marriott said in a
Article source: The Hacker News

A new version of the infamous Mirai botnet is exploiting a recently uncovered critical vulnerability in network-attached storage (NAS) devices in an attempt to remotely infect and control vulnerable machines. Called “Mukashi,” the new variant of the malware employs brute-force attacks using different combinations of default credentials to log into Zyxel NAS, UTM, ATP, and VPN firewall
Article source: The Hacker News

As the world comes to grips with the coronavirus pandemic, the situation has proven to be a blessing in disguise for threat actors, who’ve taken advantage of the opportunity to target victims with scams or malware campaigns. Now, according to a new report published by Check Point Research today and shared with The Hacker News, hackers are exploiting the COVID-19 outbreak to spread their own
Article source: The Hacker News

Emotet, the notorious trojan behind a number of botnet-driven spam campaigns and ransomware attacks, has found a new attack vector: using already infected devices to identify new victims that are connected to nearby Wi-Fi networks. According to researchers at Binary Defense, the newly discovered Emotet sample leverages a “Wi-Fi spreader” module to scan Wi-Fi networks, and then attempts to
Article source: The Hacker News

It’s now or never to prevent your enterprise servers running vulnerable versions of Citrix application delivery, load balancing, and Gateway solutions from getting hacked by remote attackers. Why the urgency? Earlier today, multiple groups publicly released weaponized proof-of-concept exploit code [1, 2] for a recently disclosed remote code execution vulnerability in Citrix’s NetScaler ADC
Article source: The Hacker News

A new variant of the Vega ransomware family, dubbed Zeppelin, has recently been spotted in the wild targeting technology and healthcare companies across Europe, the United States, and Canada. However, if you reside in Russia or some other ex-USSR countries like Ukraine, Belorussia, and Kazakhstan, breathe a sigh of relief, as the ransomware terminates its operations if it finds itself on machines
Article source: The Hacker News

Cybersecurity researchers have spotted a new variant of the Snatch ransomware that first reboots infected Windows computers into Safe Mode and only then encrypts victims’ files to avoid antivirus detection. Unlike traditional malware, the new Snatch ransomware chooses to run in Safe Mode because in this diagnostic mode the Windows operating system starts with a minimal set of drivers and services
Article source: The Hacker News