OfflRouter Malware Evades Detection in Ukraine for Almost a Decade

Select Ukrainian government networks have remained infected with a malware called OfflRouter since 2015.
Cisco Talos said its findings are based on an analysis of over 100 confidential documents that were infected with the VBA macro virus and uploaded to the VirusTotal malware scanning platform.
“The documents contained VBA code to drop and run an executable with the name ‘ctrlpanel.exe,’”

Source: The Hacker News

United Nations Agency Investigating Ransomware Attack Involving Data Theft

The United Nations Development Programme (UNDP) is investigating a ransomware attack in which hackers stole sensitive data.

Source: SecurityWeek

Multi-Data Platform SIEM Anvilogic Raises $45 Million

Silicon Valley startup Anvilogic has raised $45 million in a Series C funding round led by Evolution Equity Partners.

Source: SecurityWeek

IT and Security Professionals Demand More Workplace Flexibility

The concept of Everywhere Work is now much broader, encompassing where, when, and how professionals get their work done — and flexibility has become a key workplace priority, according to Ivanti.

Source: Cyware News

FIN7 Targets American Automaker’s IT Staff in Phishing Attacks

The financially motivated threat actor FIN7 targeted a large U.S. car maker with spear-phishing emails aimed at employees in the IT department, in an attempt to infect systems with the Anunak backdoor.

Source: Cyware News

FIN7 Cybercrime Group Targeting U.S. Auto Industry with Carbanak Backdoor

The infamous cybercrime syndicate known as FIN7 has been linked to a spear-phishing campaign targeting the U.S. automotive industry to deliver a known backdoor called Carbanak (aka Anunak).
“FIN7 identified employees at the company who worked in the IT department and had higher levels of administrative rights,” the BlackBerry research and intelligence team said in a new write-up.
“They

Source: The Hacker News

Break Security Burnout: Combining Leadership With Neuroscience

Industry leaders aim to solve the threat to both the mental health of workers and security of organizations with solutions that recognize the enormous pressures facing cybersecurity professionals.

Source: darkreading

Five Eyes Agencies Release New AI Security Guidance

Five Eyes cybersecurity agencies have released joint guidance on securely deploying and operating AI systems.

Source: SecurityWeek

Rebalancing NIST: Why ‘Recovery’ Can’t Stand Alone

The missing ingredient in NIST’s newest cybersecurity framework? Recovery.

Source: darkreading

Malvertising Campaign Targeting IT Teams with MadMxShell Backdoor

The backdoor uses techniques such as multiple stages of DLL sideloading and DNS tunneling for command-and-control (C2) communication as a means to evade endpoint and network security solutions, respectively.

Source: Cyware News