Slippery RansomExx Malware Moves to Rust, Evading VirusTotal

slippery-ransomexx-malware-moves-to-rust,-evading-virustotal

The APT group DefrayX appears to have launched a new version of its RansomExx malware, rewritten in the Rust programming language — possibly to avoid detection by antivirus software. According to IBM Security X-Force Threat researchers, that evasion may be successful, at least for now. IBM reported that one sample that it analyzed “was not detected […]

For Gaming Companies, Cybersecurity Has Become a Major Value Proposition

for-gaming-companies,-cybersecurity-has-become-a-major-value-proposition

The video game industry has been booming of late — and cybercriminals are drawn to it as an expanding threat surface, seeing players as a potentially less cautious group of victims. As such, cybersecurity has risen in profile as a major business priority and differentiator for many in the industry. There’s been an influx of casual […]

How Development Teams Should Respond to Text4Shell

how-development-teams-should-respond-to-text4shell

A family moves into their dream home, only to be plagued by ominous letters, a strange tenant, and sinister threats. Sound familiar? It should. This is the story behind The Watcher, a true crime series that premiered on Netflix on October 13, 2022. It’s also the story of the Text4Shell vulnerability, which was announced that […]

Why Africa’s Telecoms Must Actively Collaborate to Combat Fraud

why-africa’s-telecoms-must-actively-collaborate-to-combat-fraud

With the digital transformation of the post-pandemic world, Africa is seeing a massive technology revolution, especially in the telecom industry, which has shifted network infrastructure away from traditional services to more advanced commercial routers, switches, and servers. But this move hasn’t been without some challenges — notably cybersecurity risks. Mordor Intelligence predicts that the entertainment […]

‘Patch Lag’ Leaves Millions of Android Devices Vulnerable

‘patch-lag’-leaves-millions-of-android-devices-vulnerable

It’s called a “patch gap” and describes the time it takes a fix for a known vulnerability to trickle down from software vendor to individual device manufacturers. And the latest casualties are the millions of Pixel, Samsung, Xiaomi, and other Android device brands. According to Google’s Project Zero, after its team discovered five separate bugs […]

Hot Ticket: ‘Aurora’ Go-Based InfoStealer Finds Favor Among Cyber-Threat Actors

hot-ticket:-‘aurora’-go-based-infostealer-finds-favor-among-cyber-threat-actors

A growing number of cybercriminal groups are turning to an information stealer named Aurora, which is based on the Go open source programming language, to target data from browsers, cryptocurrency wallets, and local systems. A research team at cybersecurity firm Sekoia discovered at least seven malicious actors, which it refers to as “traffers,” that have […]

Microsoft: Popular IoT SDKs Leave Critical Infrastructure Wide Open to Cyberattack

microsoft:-popular-iot-sdks-leave-critical-infrastructure-wide-open-to-cyberattack

Microsoft this week identified a gaping attack vector for disabling industrial control systems (ICS), which is unfortunately pervasive throughout critical infrastructure networks: the Boa Web server. The computing giant has identified vulnerabilities in the server as the initial access point for successful attacks on the Indian energy sector earlier this year, carried out by Chinese hackers. But here’s the kicker: It’s a […]

Penetration Testing Market Size Is Projected to Reach $5.28B Globally by 2028

penetration-testing-market-size-is-projected-to-reach-$5.28b-globally-by-2028

LONDON, Nov. 23, 2022 /PRNewswire/ — The Global Penetration Testing Market is poised to reach a valuation of USD 5.28 Billion in 2028 from USD 1.87 Billion in 2021, registering a CAGR of 15.97% over the forecast duration. Penetration test is referred to as a type of ethical hacking that is deliberately performed on a […]

Where Are We Heading With Data Privacy Regulations?

where-are-we-heading-with-data-privacy-regulations?

With 65% of the global population expected to have its personal data covered under modern privacy regulations by 2023, respecting data privacy has never been more critical. As an example, the introduction of the federal American Data Privacy and Protection Act (ADPPA), along with the recent passage of a patchwork of state-level privacy laws, has […]

Cybersecurity Pros Put Mastodon Flaws Under the Microscope

cybersecurity-pros-put-mastodon-flaws-under-the-microscope

From an anonymous server collecting user information to configuration errors that create vulnerabilities, infosec experts are pointing out security holes in Mastodon, which, seen as a replacement for Twittern is experiencing massive user growth — and an increased scrutiny of its flaws. Unlike other social media apps, which have a central authority, Mastodon is a federation of […]