Research, News, and Perspectives

Cyber Crime

This Week in Security News - January 21, 2022

 This week, read about various cybersecurity threats that affect industrial control and the Cybersecurity and Infrastructure Security Agency (CISA)’s latest cyberattack warnings.

Expert Perspective Jan 21, 2022

Save to Folio

Expert Perspective Jan 21, 2022

Save to Folio

Malware

Emotet Spam Abuses Unconventional IP Address Formats to Spread Malware

We found waves of Emotet spam campaigns using unconventional IP addresses to evade detection.

Jan 21, 2022

Save to Folio

Jan 21, 2022

Save to Folio

Cyber Threats

Codex Exposed: Task Automation and Response Consistency

Being able to automate tasks or programmatically execute them unsupervised is an essential part of both regular and malicious computer usage, so we wondered if a tool like Codex was reliable enough to be scripted and left to run unsupervised, generating the required code.

Research Jan 21, 2022

Save to Folio

Research Jan 21, 2022

Save to Folio

IoT

Defending Users’ NAS Devices From Evolving Threats

In our latest research, we analyze the threats targeting well-known brands of network-attached storage (NAS) devices.

Research Jan 20, 2022

Save to Folio

Research Jan 20, 2022

Save to Folio

Ransomware

Cybersecurity for Industrial Control Systems: Part 2

To cap off the series, we’ll discuss malware detection and distribution in various countries. Our team also rounds up several insights to help strengthen ICS cybersecurity and mitigate malware attacks.

Research Jan 20, 2022

Save to Folio

Research Jan 20, 2022

Save to Folio

Ransomware

New Ransomware Spotted: White Rabbit and Its Evasion Tactics

We analyze the ransomware White Rabbit and bring into focus the familiar evasion tactics employed by this newcomer.

Research Jan 18, 2022

Save to Folio

Research Jan 18, 2022

Save to Folio

APT & Targeted Attacks

Earth Lusca Employs Sophisticated Infrastructure, Varied Tools and Techniques

Our technical brief provides an in-depth look at Earth Lusca’s activities, the tools it employs in attacks, and the infrastructure it uses.

Research Jan 17, 2022

Save to Folio

Research Jan 17, 2022

Save to Folio

Ransomware

Cybersecurity for Industrial Control Systems: Part 1

In this two-part series, we look into various cybersecurity threats that affected industrial control systems endpoints. We also discuss several insights and recommendations to mitigate such threats.

Research Jan 15, 2022

Save to Folio

Research Jan 15, 2022

Save to Folio

Malware

This Week in Security News - January 14, 2022

This week, read about how crucial it is for security teams to adopt an integrated approach to threat detection, such as remote control, and Congress’s plan to update the Federal Information Security Management Act (FISMA) for the first time in eight years.

Expert Perspective Jan 14, 2022

Save to Folio

Expert Perspective Jan 14, 2022

Save to Folio

Exploits & Vulnerabilities

Analyzing an Old Bug and Discovering CVE-2021-30995

A vulnerability found in 2021 has been patched and re-patched in the months since it was reported. We analyze the bug and outline the process that led to the discovery of CVE-2021-30995.

Research Jan 14, 2022

Save to Folio

Research Jan 14, 2022

Save to Folio