Tag: detection
-
Foxveil Malware Loader Uses Cloudflare, Netlify, and Discord to Bypass Detection
A new malware loader, dubbed Foxveil, abuses trusted platforms such as Cloudflare Pages, Netlify, and Discord to stage and deliver malicious payloads while evading traditional detection methods. Active since at least August 2025, the loader is used as an initial-stage component, establishing a foothold on victim machines, executing shellcode in memory, and preparing the…
-
AI-Driven Threat Detection for Quantum-Enabled Side-Channel Attacks
Learn how to protect your AI infrastructure from quantum-enabled side-channel attacks using post-quantum cryptography and AI-driven threat detection for MCP. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/ai-driven-threat-detection-for-quantum-enabled-side-channel-attacks/
-
China-linked snoops have been exploiting Dell 0-day since mid-2024, using ‘ghost NICs’ to avoid detection
Full scale of infections remains ‘unknown’ First seen on theregister.com Jump to article: www.theregister.com/2026/02/18/dell_0day_brickstorm_campaign/
-
GitGuardian Doubles Down on AI Agent Defense With $50M Raise
Series C Funding Round Focuses on Secrets Remediation, Agent Governance Expansion. Backed by a $50 million Series C, GitGuardian plans to accelerate U.S. expansion and enhance secrets detection remediation and non-human identity controls as AI agents multiply across enterprises, increasing exposure to credential abuse and lateral movement. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/gitguardian-doubles-down-on-ai-agent-defense-50m-raise-a-30778
-
Scam Guard for desktop: A second set of eyes for suspicious moments
Malwarebytes Scam Guard is now on Windows and Mac, bringing AI-powered scam detection to your desktop. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/scam-guard-for-desktop-a-second-set-of-eyes-for-suspicious-moments/
-
What 5 Million Apps Revealed About Secrets in JavaScript
Leaked API keys are nothing new, but the scale of the problem in front-end code has been largely a mystery – until now. Intruder’s research team built a new secrets detection method and scanned 5 million applications specifically looking for secrets hidden in JavaScript bundles. Here’s what we learned. First seen on bleepingcomputer.com Jump to…
-
My Day Getting My Hands Dirty with an NDR System
Contents: My objective; The role of NDR in SOC workflows; Starting up the NDR system; How AI complements the human response; What else did I try out?; What could I see with NDR that I wouldn’t otherwise?; Am I ready to be a network security analyst now?
My objective: As someone relatively inexperienced with network threat hunting, I wanted to get some hands-on experience…
-
New ‘ClickFix’ Malware Payload Targets Browser Cache, Warns Cybersecurity Experts
Threat actors on underground forums are now promoting a new “ClickFix” payload-delivery technique that hides malware in the browser cache to evade endpoint detection and response (EDR) tools. The seller pitches the method as an evolution of existing ClickFix/FileFix social-engineering chains, claiming it can execute malicious code via Windows File Explorer without generating obvious network…
-
Contrast ADR for Google Security Operations
Contrast Security has announced the availability of a new integration between Contrast ADR and Google Security Operations. This collaboration provides security operations centers (SOCs) with high-fidelity runtime application intelligence to accelerate detection and response to sophisticated application-layer threats. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/contrast-adr-for-google-security-operations/
-
Leaky Chrome extensions with 37M installs caught divulging your browsing history
Encrypted exfiltration made detection difficult: The researcher said in a blog post that several of these extensions attempted to hide the nature of transmitted data. Outbound payloads were frequently encrypted or encoded before transmission, preventing automated inspection. “Manual inspection of the captured traffic revealed a variety of obfuscation schemes: base64, ROT47, LZ-String compression, and full AES-256…
-
10 years later, Bangladesh Bank cyberheist still offers cyber-resiliency lessons
Tags: access, ai, application-security, attack, automation, backdoor, banking, ceo, cisco, ciso, compliance, control, credentials, crypto, cyber, cybercrime, cybersecurity, data-breach, defense, detection, endpoint, exploit, finance, fintech, firewall, framework, infrastructure, intelligence, international, malware, monitoring, network, north-korea, oracle, password, risk, service, software, theft, threat, tool, vulnerability
Security shortcomings: Adrian Cheek, senior cybercrime researcher at threat exposure management firm Flare, said the Bangladesh Bank heist was possible because of a number of security shortcomings, including a failure to air gap critical infrastructure. “The Bank of Bangladesh had four servers and the same number of desktops connected to SWIFT,” Cheek says. “This infrastructure, however,…
-
NDSS 2025 Automated Mass Malware Factory
Session 12B: Malware Authors, Creators & Presenters: Heng Li (Huazhong University of Science and Technology), Zhiyuan Yao (Huazhong University of Science and Technology), Bang Wu (Huazhong University of Science and Technology), Cuiying Gao (Huazhong University of Science and Technology), Teng Xu (Huazhong University of Science and Technology), Wei Yuan (Huazhong University of Science and Technology),…
-
NDSS 2025 Density Boosts Everything
Tags: ai, attack, conference, cybersecurity, detection, Internet, malware, military, network, resilience, strategy, training
Session 12B: Malware Authors, Creators & Presenters: Jianwen Tian (Academy of Military Sciences), Wei Kong (Zhejiang Sci-Tech University), Debin Gao (Singapore Management University), Tong Wang (Academy of Military Sciences), Taotao Gu (Academy of Military Sciences), Kefan Qiu (Beijing Institute of Technology), Zhi Wang (Nankai University), Xiaohui Kuang (Academy of Military Sciences) PAPER Density Boosts Everything:…
-
Turning IBM QRadar Alerts into Action with Criminal IP
Criminal IP now integrates with IBM QRadar SIEM and SOAR to bring external IP-based threat intelligence directly into detection and response workflows. See how risk scoring and automated enrichment help SOC teams prioritize high-risk IPs and accelerate investigations without leaving QRadar. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/turning-ibm-qradar-alerts-into-action-with-criminal-ip/
-
New XWorm RAT Campaign Leverages Phishing and CVE-2018-0802 Excel Exploit to Bypass Detection
Tags: attack, control, cve, cyber, cybercrime, data, ddos, detection, exploit, marketplace, phishing, ransomware, rat, theft, windows
XWorm, a multi-functional .NET-based RAT first observed in 2022, remains actively traded across cybercrime marketplaces and continues to attract both low-skilled and advanced operators thanks to its rich feature set and plugin-based architecture. Once deployed, it enables full remote control of compromised Windows systems, including data theft, remote desktop control, DDoS attacks, and ransomware execution.…
-
5 key trends reshaping the SIEM market
Tags: ai, api, attack, automation, business, cloud, compliance, crowdstrike, cyber, cybersecurity, data, detection, edr, google, guide, Hardware, ibm, identity, incident response, intelligence, jobs, monitoring, msp, network, nis-2, saas, service, siem, soar, startup, technology, threat, tool, vulnerability, vulnerability-management
Market split as midrange sales offset SME slump: A year on, Context’s data shows that this ongoing convergence of SIEM with security tools such as XDR and SOAR has triggered a structural split in the market. “Large midmarket firms are doubling down on unified platforms for compliance, while smaller organizations are investing less in SIEM entirely…
-
Anomaly Detection in Post-Quantum Encrypted MCP Metadata Streams
Secure your MCP metadata streams with post-quantum encryption and AI-driven anomaly detection. Learn to stop puppet attacks and tool poisoning in AI infrastructure. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/anomaly-detection-in-post-quantum-encrypted-mcp-metadata-streams/
-
Advanced Threat Detection Proactive Cyber Defense Capabilities
In today’s rapidly evolving threat landscape, organizations must maintain continuous visibility, strong detection mechanisms, and rapid response capabilities to defend against increasingly sophisticated cyber adversaries. Our Security Operations framework demonstrates proven effectiveness in identifying, analyzing, and mitigating high-risk network threats in real time. Below are two recent case studies that highlight our proactive detection, investigative…
-
NDSS 2025 Revisiting Concept Drift In Windows Malware Detection
Session 12B: Malware Authors, Creators & Presenters: Adrian Shuai Li (Purdue University), Arun Iyengar (Intelligent Data Management and Analytics, LLC), Ashish Kundu (Cisco Research), Elisa Bertino (Purdue University) PAPER Revisiting Concept Drift in Windows Malware Detection: Adaptation to Real Drifted Malware with Minimal Samples In applying deep learning for malware classification, it is crucial to…
-
Phishing campaign chains old Office flaw with fileless XWorm RAT to evade detection
Fileless .NET stage and a modular XWorm core: Beyond initial access, Fortinet observed a fileless .NET stage loaded directly into memory, followed by process hollowing into msbuild.exe, a legitimate Microsoft build tool capable of executing .NET code. The choice of msbuild.exe aligns with the malware’s runtime requirements while helping it blend into normal system activity. “A…