Collecting Cyber-News from over 60 sources

Tag: detection

Telegram Used as C2 Channel for New Golang Malware

Feb 17, 2025 12:46 PM

Tags: backdoor, control, detection, malware

A Golang backdoor is using Telegram as its command and control (C2) channel, an approach that makes detection harder for defenders, according to Netskope researchers First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/telegram-c2-channel-golang-malware/
From Tools to Intelligence: The Evolution of SOCaaS

Feb 15, 2025 9:11 AM

Tags: cybersecurity, data, detection, endpoint, intelligence, threat, tool

In the early days of cybersecurity, security teams faced a fragmented reality”, juggling multiple tools that operated in isolation. Managed Detection and Response (MDR) solutions watched for threats, while Endpoint Detection and Response (EDR) platforms monitored endpoints. However, these tools often spoke different languages, creating data silos and leaving security teams scrambling to connect the…
The Benefits of the M&A Frenzy in Fraud Solutions

Feb 15, 2025 5:14 AM

Tags: ai, cybercrime, deep-fake, detection, exploit, finance, fraud, identity, scam

Emerging Vendors, Consolidation Drive Innovation in Fraud, AML, Scam Prevention. As cybercriminals exploit AI-generated deepfake scams and synthetic identity fraud, financial institutions are investing heavily in fraud detection, anti-money laundering solutions and identity verification to stay ahead. This demand is driving consolidation in the market. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/benefits-ma-frenzy-in-fraud-solutions-a-27533
Ransomware Detection: Attack Types Latest Techniques in 2025

Feb 15, 2025 5:14 AM

Tags: access, attack, cybersecurity, detection, finance, malicious, ransomware, software, threat

Ransomware continues to be a formidable threat in the cybersecurity landscape, evolving in complexity and sophistication. It is a type of malicious software that encrypts a victim’s files or restricts access to their system, demanding payment for decryption or restoration. These attacks can lead to significant financial losses, operational disruptions, and reputational damage. As we…
Malware Detection: How to detect and remove malware ?

Feb 15, 2025 5:14 AM

Tags: cybercrime, data, detection, malicious, malware, ransomware, software, spyware, theft, unauthorized

Malware, a contraction of “malicious software,” encompasses any intrusive program developed by cybercriminals to compromise data integrity, damage systems, or gain unauthorized access. This broad category includes viruses, ransomware, spyware, and trojans, among others. Malware can infiltrate systems through infected files or malicious URLs, executing a range of harmful activities from data theft to initiating…
Fake BSOD Attack Launched via Malicious Python Script

Feb 14, 2025 2:48 PM

Tags: attack, cyber, detection, malicious

A peculiar malicious Python script has surfaced, employing an unusual and amusing anti-analysis trick to mimic a fake Blue Screen of Death (BSOD). The script, which has a low detection rate of 4/59 on VirusTotal (SHA256: d716c2edbcdb76c6a6d31b21f154fee7e0f8613617078b69da69c8f4867c9534), drew the attention of security researchers for its creative use of Python’s Tkinter library. The Execution and Impact…
What is anomaly detection? Behavior-based analysis for cyber threats

Feb 14, 2025 7:48 AM

Tags: ai, attack, awareness, business, ceo, ciso, computer, control, credentials, cyber, cybersecurity, data, detection, edr, endpoint, firewall, framework, fraud, ibm, infrastructure, injection, jobs, malware, network, nist, ransomware, siem, soc, sql, strategy, threat, tool, waf

a priori the bad thing that you’re looking for,” Bruce Potter, CEO and founder of Turngate, tells CSO. “It’ll just show up because it doesn’t look like anything else or doesn’t look like it’s supposed to. People have been tilting at that windmill for a long time, since the 1980s, trying to figure out what…
DLP solutions vs today’s cyberthreats: The urgent need for modern solutions

Feb 14, 2025 12:48 AM

Tags: access, ai, awareness, breach, business, cloud, corporate, data, data-breach, detection, email, endpoint, finance, malicious, ml, network, risk, risk-management, saas, threat, tool, unauthorized

The limitations of traditional data loss prevention solutions One of the biggest challenges is that legacy data loss prevention (DLP) tools struggle to meet modern data security needs. Their dependence on lengthy processes”, data discovery, classification, and policy creation”, results in slow time to value. As a result, organizations can face months of delays before…
Application Detection and Response (ADR) Gives the SOC Deep Visibility into the Application Layer – Contrast Security

Feb 13, 2025 7:48 PM

Tags: attack, cloud, detection, endpoint, soc, threat, tool, vulnerability
Cybercriminals Exploit Pyramid Pentesting Tool for Covert C2 Communications

Feb 13, 2025 2:48 PM

Tags: communications, control, cyber, cybercrime, cybersecurity, detection, endpoint, exploit, framework, github, hacker, malicious, open-source, penetration-testing, tool

Cybersecurity analysts have identified that hackers are leveraging the open-source Pyramid pentesting tool to establish stealthy command-and-control (C2) communications. Originally designed as a post-exploitation framework for penetration testers, Pyramid has become an attractive option for malicious actors due to its ability to evade detection by endpoint security tools. The tool, first released on GitHub in…
24% of vulnerabilities are abused before a patch is available

Feb 13, 2025 1:48 PM

Tags: access, attack, breach, credentials, cve, cyber, data-breach, detection, exploit, incident response, intelligence, network, service, social-engineering, software, threat, tool, update, vulnerability, vulnerability-management, zero-trust

Building the case for proactive security: Boris Cipot, senior security engineer at software composition analysis firm Black Duck, said that several factors contribute toward the rise in exploited vulnerabilities, including improvements in monitoring.”The software we use may simply contain more vulnerabilities, or these vulnerabilities are being reported and discovered more effectively,” Cipot said. “Some vulnerabilities…
The Rise of Non-Ransomware Attacks on AWS S3 Data

Feb 13, 2025 1:48 PM

Tags: access, attack, authentication, breach, cloud, communications, compliance, control, cyber, data, data-breach, detection, encryption, exploit, Hardware, iam, lessons-learned, malicious, monitoring, ransom, ransomware, regulation, risk, software, strategy, threat, tool, unauthorized

The Rise of Non-Ransomware Attacks on AWS S3 Data madhav Thu, 02/13/2025 – 04:39 A sophisticated ransomware gang, Codefinger, has a cunning new technique for encrypting data stored in AWS S3 buckets without traditional ransomware tools. Instead, they exploit the AWS server-side encryption with customer-provided keys (SSE-C), extorting payment in exchange for the encryption key.…
Ransomware gangs shifting tactics to evade enterprise defenses

Feb 12, 2025 6:55 PM

Tags: defense, detection, law, ransomware, tactics, threat

Threat actors adapted to improved threat detection, law enforcement actions, new Huntress research finds. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/ransomware-gangs–tactics-/739937/
The Current AI Revolution Will (Finally) Transform Your SOC

Feb 12, 2025 5:57 PM

Tags: ai, cybersecurity, detection, intelligence, soc

Artificial intelligence (AI) is profoundly transforming cybersecurity, reimagining detection through remediation. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/02/the-current-ai-revolution-will-finally-transform-your-soc/
Getting the Most Value out of the OSCP: Pre-Course Prep

Feb 12, 2025 5:57 PM

Tags: access, antivirus, attack, compliance, control, credentials, cyber, cybersecurity, detection, exploit, finance, framework, guide, hacker, hacking, infosec, infrastructure, jobs, kali, linux, mandiant, metric, microsoft, mitre, network, organized, password, penetration-testing, PurpleTeam, RedTeam, risk, service, skills, software, tactics, technology, tool, training, vulnerability, windows

The first post in a five-part practical guide series on maximizing the professional, educational, and financial value of the OffSec certification pursuit for a successful career in offensive cybersecurity consulting Disclaimer: All opinions expressed in this article are solely my own. I have reviewed the content to ensure compliance with OffSec’s copyright policies and agreements.…
Enhancing Threat Detection With Improved Metadata MITRE ATTCK tags

Feb 12, 2025 4:55 PM

Tags: cyber, cybersecurity, detection, intelligence, mitre, threat, tool, update

The cybersecurity landscape continues to evolve rapidly, demanding more sophisticated tools and methodologies to combat emerging threats. In response, Proofpoint’s Emerging Threats (ET) team has implemented significant updates to its ruleset, enhancing metadata coverage and integrating MITRE ATT&CK tags. These advancements aim to provide security teams with actionable intelligence and improved context for detecting and…
Logpoint und Netheimur verstärken den Unternehmensschutz in Island

Feb 12, 2025 3:55 PM

Tags: cybersecurity, detection, network

Logpoint hat auch sein Produktportfolio erweitert und vor kurzem das dänische Network Detection and Response (NDR)-Unternehmen Muninn übernommen, um Unternehmen dabei zu helfen, ihre Sicherheitsleistung durch verbesserte Cybersecurity-Transparenz zu verbessern. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/logpoint-und-netheimur-verstaerken-den-unternehmensschutz-in-island/a39784/
Security Detection Tech Failing, Say Cyber Leaders in Regulated Industries

Feb 12, 2025 1:55 PM

Tags: cyber, detection, threat

A new Everfox survey shows a growing consensus among regulated organizations in favor of a strategic shift away from detecting cyber threats to preventing them First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/security-detection-tech-failing/
SystemBC RAT Now Targets Linux, Spreading Ransomware and Infostealers

Feb 11, 2025 2:55 PM

Tags: detection, linux, ransomware, rat

SystemBC RAT now targets Linux, enabling ransomware gangs like Ryuk Conti to spread, evade detection, and maintain encrypted C2 traffic for stealthy cyberattacks. First seen on hackread.com Jump to article: hackread.com/systembc-rat-targets-linux-ransomware-infostealers/
EARLYCROW: Detecting APT Malware Command and Control Activities Over HTTPS

Feb 11, 2025 12:55 PM

Tags: apt, communications, control, cyber, cyberattack, detection, malware, network, tactics, threat

Advanced Persistent Threats (APTs) represent a sophisticated and stealthy category of cyberattacks targeting critical organizations globally. Unlike common malware, APTs employ evasive tactics, techniques, and procedures (TTPs) to remain undetected for extended periods. Their command-and-control (C&C) communications often mimic legitimate web traffic, making detection particularly challenging for traditional Network Intrusion Detection Systems (NIDS). To address…
Top 5 ways attackers use generative AI to exploit your systems

Feb 11, 2025 7:55 AM

Tags: access, ai, attack, authentication, awareness, banking, captcha, chatgpt, china, control, cyber, cybercrime, cybersecurity, defense, detection, exploit, extortion, finance, flaw, fraud, group, hacker, intelligence, LLM, malicious, malware, network, phishing, ransomware, resilience, service, spam, tactics, theft, threat, tool, vulnerability, zero-day

Facilitating malware development: Artificial intelligence can also be used to generate more sophisticated or at least less labour-intensive malware.For example, cybercriminals are using gen AI to create malicious HTML documents. The XWorm attack, initiated by HTML smuggling, which contains malicious code that downloads and runs the malware, bears the hallmarks of development via AI.”The loader’s…
Phishing Season 2025: The Latest Predictions Unveiled

Feb 10, 2025 7:55 PM

Tags: access, ai, attack, authentication, automation, cloud, communications, control, credentials, cyber, cyberattack, cybercrime, cybersecurity, data, defense, detection, election, email, exploit, finance, google, government, group, infrastructure, intelligence, login, malware, mfa, mobile, network, passkey, phishing, ransomware, risk, service, social-engineering, strategy, tactics, technology, threat, tool, update, voip, vulnerability, zero-trust

Every year, cybercriminals sharpen their tools and refine their tactics to exploit network and security vulnerabilities. Gone are the days of clumsy emails with glaring typos and suspicious attachments. Instead, we face an era of new sophistication. No longer just stealing credentials, attackers are creating intricate digital narratives that make it difficult to distinguish friend…
New Report of of 1M+ Malware Samples Show Application Layer Abused for Stealthy C2

Feb 10, 2025 6:54 PM

Tags: control, cyber, detection, exploit, malware

A recent analysis of over one million malware samples by Picus Security has revealed a growing trend in the exploitation of application layer protocols for stealthy command-and-control (C2) operations. These findings, detailed in the Red Report 2025, underscore the increasing sophistication of cyber adversaries who leverage widely used protocols to evade detection and maintain persistence…
New ‘BYOTB’ Attack Exploits Trusted Binaries to Evade Detection, Researchers Reveal

Feb 10, 2025 2:37 PM

Tags: attack, cyber, cybersecurity, detection, endpoint, exploit

A recent cybersecurity presentation at BSides London 2024 has unveiled a sophisticated attack technique known as Bring Your Own Trusted Binary (BYOTB). This method leverages legitimate, trusted binaries to evade detection by advanced security measures such as Endpoint Detection and Response (EDR) systems and firewalls. The findings, presented by cybersecurity researcher David Kennedy of Jumpsec…
Malicious ML Models on Hugging Face Leverage Broken Pickle Format to Evade Detection

Feb 8, 2025 8:06 AM

Tags: cybersecurity, detection, hacker, malicious, ml

Cybersecurity researchers have uncovered two malicious machine learning (ML) models on Hugging Face that leveraged an unusual technique of “broken” pickle files to evade detection.”The pickle files extracted from the mentioned PyTorch archives revealed the malicious Python content at the beginning of the file,” ReversingLabs researcher Karlo Zanki said in a report shared with The…
Securing Autonomous AI Workflows Through Advanced Single Sign-On

Feb 7, 2025 9:06 PM

Tags: access, ai, detection, least-privilege, threat

Single Sign-On (SSO) is transforming how AI agents authenticate across systems. This article explores SSO’s role in enhancing security, enforcing least-privilege access, and enabling real-time threat detection for autonomous AI workflows. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/02/securing-autonomous-ai-workflows-through-advanced-single-sign-on/
EDR-Killer So lässt sich eine Endpoint-DetectionResponse-Lösung selber schützen

Feb 7, 2025 3:06 PM

Tags: detection, edr, endpoint, ransomware, tool

Die Bedrohungsakteure entwickeln sich in der heutigen Cybersicherheitslandschaft ständig weiter und suchen nach neuen Wegen, um mit immer ausgefeilteren Tools und Techniken in Unternehmen einzudringen. Dieses ständige ‘Katz- und Mausspiel” hat zu Endpoint-Detection and Response (EDR) -Killern geführt, die in Verbindung mit dem Auftauchen neuer Ransomware-Varianten und der Umbenennung älterer Varianten zu einer erheblichen Bedrohung…
EDR Killer: Was sie sind und wie sich Unternehmen schützen

Feb 7, 2025 9:06 AM

Tags: detection, edr, ransomware, tool

Die Bedrohungsakteure entwickeln sich in der heutigen Cybersicherheitslandschaft ständig weiter und suchen nach neuen Wegen, um mit immer ausgefeilteren Tools und Techniken in Unternehmen einzudringen. Dieses ständige ‘Katz- und Mausspiel” hat zu EDR Killern (Endpoint Detection and Response) geführt, die in Verbindung mit dem Auftauchen neuer Ransomware-Varianten und der Umbenennung älterer Varianten zu einer erheblichen…
Die besten Cyber-Recovery-Lösungen

Feb 7, 2025 5:06 AM

Tags: access, ai, backup, business, cloud, cyber, cyberattack, data, detection, endpoint, Hardware, incident response, mail, malware, microsoft, mitigation, monitoring, ransomware, risk, saas, service, software, threat, tool, update, vulnerability, zero-trust
Hugging Face platform continues to be plagued by vulnerable ‘pickles’

Feb 6, 2025 6:06 PM

Tags: detection, malware, vulnerability

A widely used python module for machine-learning developers can be loaded with malware and bypass detection measures. First seen on cyberscoop.com Jump to article: cyberscoop.com/hugging-face-platform-continues-to-be-plagued-by-vulnerable-pickles/