Research, News, and Perspectives

Exploits & Vulnerabilities

Cryptominer z0Miner Uses Newly Discovered Vulnerability CVE-2021-26084 to Its Advantage

Recently, we discovered that the cryptomining trojan z0Miner has been taking advantage of the Atlassian’s Confluence remote code execution (RCE) vulnerability assigned as CVE-2021-26084, which was disclosed by Atlassian in August.

Research Sep 21, 2021

Water Basilisk Uses New HCrypt Variant to Flood Victims with RAT Payloads

In this blog entry we look into a fileless campaign that used a new HCrypt variant to distribute numerous remote access trojans (RATs) in victim systems. This new variant also uses an updated obfuscation mechanism which we detail.

Research Sep 20, 2021

This Week in Security News - September 17, 2021

2021 Midyear Cybersecurity Report and Apple emergency patches fix zero-click iMessage bug used to inject NSO spyware

Expert Perspective Sep 17, 2021

Cyber Threats

Midyear 2021 Cybersecurity Landscape Review: Attacks From All Angles Abound

Here is a rundown of data related to the crucial security issues that enterprises faced during this period, as examined in our report, “Attacks From All Angles: 2021 Midyear Cybersecurity Report.”

Reports Sep 16, 2021

Exploits & Vulnerabilities

Analyzing The ForcedEntry Zero-Click iPhone Exploit Used By Pegasus

Citizen Lab has released a report on a new iPhone threat dubbed ForcedEntry. This zero-click exploit seems to be able to circumvent Apple's BlastDoor security, and allow attackers access to a device without user interaction.

Research Sep 15, 2021

APT & Targeted Attacks

1H’2021 Security Review Shows Active Cloud Attacks

Trend Micro’s midyear report highlights the growing importance of cloud security as attacks increase in frequency and complexity.

Expert Perspective Sep 14, 2021

September Patch Tuesday: 66 Bulletins, Only 3 Critical

The September 2021 Patch Tuesday cycle is relatively good news for system administrators with only 66 total bulletins. Perhaps more significantly, only three of these were Critical bulletins.

APT-C-36 Updates Its Spam Campaign Against South American Entities With Commodity RATs

We have continued tracking APT-C-36, also known as Blind Eagle, since our research on this threat actor in 2019. We share new findings of APT-C-36’s ongoing spam campaign targeting South American entities.

Research Sep 13, 2021

Cyber Threats

This Week in Security News - September 10, 2021

Biden announces cybersecurity initiative partnership, US Government seeks public feedback on draft federal zero trust strategy and more.

Expert Perspective Sep 10, 2021

Exploits & Vulnerabilities

Remote Code Execution 0-Day (CVE-2021-40444) Hits Windows, Triggered Via Office Docs

Microsoft has disclosed the existence of a new zero-day vulnerability that affects multiple versions of Windows. This vulnerability (designated as CVE-2021-40444) is currently delivered via malicious Office 365 documents and requires user input to open the file to trigger.

Research Sep 09, 2021

Research, News, and Perspectives

Trending Topics