Malware can hide from antivirus (AV) software by abusing features in Intel Software Guard Extensions (SGX). This was recently demonstrated by Michael Schwarz, Samuel Weiser, and Daniel Gruss, researchers at Graz University of Technology.
In light of the massive data dump called Collection #1 and with more available for download and exchange in the underground, here are a few reminders for users and enterprises on how to mitigate threats on their personal information and enterprise assets.
Owners and administrators of WordPress websites that use the “Total Donations” plugin are advised to remove the plugin after a zero-day vulnerability and design flaws were seen actively exploited in the wild.
We detail how a trojan spyware gathers and steals data disguised as TeamViewer, the popular file-sharing and communication program that also lets IT teams remotely access device of enterprise employees.
Radio frequency (RF) technology is being used in operations to control various industrial machines. However, the lack of implemented security in RF communication protocols could lead to production sabotage, system control, and unauthorized access.
While underground forums have long been the purview of digital or internet-enabled crimes, recent developments have shown signs of increasing synergy and interaction between traditional criminals and cybercrime actors.