The NSA released Ghidra, a multi-platform reverse engineering framework that could be used to find vulnerabilities and security holes in applications. In January 2019, the National Security Agency (NSA) announced the release at the RSA Conference of the free reverse engineering framework GHIDRA. GHIDRA is a multi-platform reverse engineering framework that runs on major […]
Over the last few days, a new ransomware campaign infected several users around the world as part of the #OpJerusalem campaign. SI-LAB analyzed this malware and noticed that it does not use sophisticated techniques. Criminals used the UPX packer to protect malware code written in Go, and an RSA public certificate is hardcoded inside the malware to […]
A cyber-espionage group, tracked as APT40, apparently linked to the Chinese government, is focused on targeting countries important to the country’s Belt and Road Initiative. The cyber-espionage group tracked as APT40 (aka TEMP.Periscope, TEMP.Jumper, and Leviathan), apparently linked to the Chinese government, is focused on targeting countries important to the country’s Belt and Road Initiative […]
The Iran-linked Chafer APT group used a new Python-based backdoor in recent attacks aimed at a Turkish government entity. The Iran-linked Chafer APT group used a new Python-based backdoor in attacks carried out in November 2018 that targeted a Turkish government entity. The Chafer APT group has distributed data stealer malware since at least mid-2014, […]
The Chinese Telco giant presents the Brussels Huawei HCSTC (Cyber Security Transparency Centre) that will also work on the definition of global security standards. Huawei is urging the adoption of a global framework for technical and legal verification with the intent of building trust. While the tech giant is in the middle of a heated […]
Poorly protected Docker hosts exposed online continue to be a privileged target of crooks that abuse their computational resources in cryptojacking campaigns. Security experts have recently discovered hundreds of exposed Docker hosts that have been compromised by hackers exploiting the CVE-2019-5736 runc vulnerability in February. The flaw was discovered by the security researchers Adam Iwaniuk […]
Google Chronicle launched Backstory, the first global security telemetry platform designed to allow companies to monitor cyber threats. Google Chronicle announced Backstory, a cloud-based enterprise-level threat analytics platform that allows companies to quickly investigate incidents, discover vulnerabilities and hunt for cyber threats. Google aims at analyzing network data and logs generated by enterprises on a daily basis […]
Microsoft started rolling out a new software update for Windows 10 systems to apply mitigations against the Spectre attacks. Over the weekend, Microsoft started distributing software updates for Windows 10 systems to enable the Retpoline mitigations against Spectre attacks. In January 2018 security experts at Google Project Zero disclosed Meltdown and Spectre side-channel attacks that […]
We’re honored to bring you our 7th Annual edition of Cyber Defense Magazine (CDM), exclusively in print at the RSA Conference (RSAC) 2019. Cyber Defense eMagazine – Annual RSA Conference 2019 Edition. Sponsored by: Regent University’s Institute for Cybersecurity Setting the Standard in Cyber Training & Education and by the RSA Conference 2019 Team! RSA […]
A cybersecurity expert at Google Project Zero has publicly disclosed details and a proof-of-concept exploit for a high-severity security vulnerability in the macOS operating system. Google Project Zero white hat hacker Jann Horn disclosed the flaw according to the 90-day disclosure policy of the company because Apple failed to address the issue within 90 days of being notified. […]