Gartner’s top security threat and pentesting vs continuous scans – what you missed from Hack Yourself Stockholm 2021

TL/DR: Detectify’s Hack Yourself event in Stockholm is 24 hours away, which means that it’s time to catch up on what happened at our last event in late 2021. From Gartner including External Attack Surface Management (EASM) as the top...

/ May 18, 2022

How to Protect Your Data When Ransomware Strikes

Ransomware is not a new attack vector. In fact, the first malware of its kind appeared more than 30 years ago and was distributed via 5.25-inch floppy disks. To pay the ransom, the victim had to mail money to a...

/ May 18, 2022

KurayStealer – Tool Sold to Criminals that Have Password Stealing and Screenshot Capabilities

There was an advertisement by a discord user with the handle “Portu” that exploded over the internet on April 23rd, 2022 for a new password-stealing malware builder. It is a sort of program that enables so-called script kiddie hackers, to...

/ May 18, 2022

New Sysrv-k Botnet Infecting Windows and Linux Systems with Cryptominer

Microsoft has discovered a new Sysrv botnet variant deploying cryptocurrency miners on Windows and Linux systems. The Microsoft Security Intelligence team posted a series of tweets on their official Twitter handle (@MsftSecIntel) to reveal startling details on the new variant of the...

/ May 17, 2022

Killnet Pro-Russian Group Vows To Launch Cyber Attacks On Ten Countries

Posted on May 17, 2022 at 7:03 PM The Killnet pro-Russian hacking group that targeted the Eurovision song contest in Italy has declared “war” against Italy and ten other countries. Earlier this week, Italian authorities stopped an attack on the...

/ May 17, 2022

Hackers Exploiting a Critical Vulnerability in Zyxel Firewall & VPN Devices

Several hackers have newly begun exploiting a recently patched critical vulnerability, identified as CVE-2022-30525, which is affecting business firewall and VPN devices from Zyxel. In response to this vulnerability, the cybersecurity experts at Rapid7 have discovered that a number of...

/ May 17, 2022

Evaluation of cyber activities and the threat landscape in Ukraine

Introduction When the war in Ukraine broke out, many analysts were surprised to discover that what was simultaneously happening in the cyber domain did not match their predictions[1]. Since the beginning of the fighting, new cyberattacks taking place in Ukraine...

/ May 17, 2022

UpdateAgent Returns with New macOS Malware Dropper Written in Swift

A new variant of the macOS malware tracked as UpdateAgent has been spotted in the wild, indicating ongoing attempts on the part of its authors to upgrade its functionalities. “Perhaps one of the most identifiable features of the malware is...

/ May 17, 2022

Attackers can Install Malware on iPhone When it is Powered Off – Research

The iOS Find My feature has a safety loophole that can lead to infecting the iPhone even if the phone is off. Academic researchers from the Secure Mobile Networking Lab (SEEMOO) at the Technical University of Darmstadt have identified a...

/ May 16, 2022

Frustrated IT Admin Gets 7 Years in Prison for Wiping Employer’s Databases

Chinese real estate biz giant Lianjia’s former database administrator, Han Bing (40-year-old), has been sentenced to 7 years in prison for hacking the corporate company’s systems and wiping their data. Bing allegedly deleted all stored data from two database servers...

/ May 16, 2022

Researchers Find Potential Way to Run Malware on iPhone Even When it’s OFF

A first-of-its-kind security analysis of iOS Find My function has identified a novel attack surface that makes it possible to tamper with the firmware and load malware onto a Bluetooth chip that’s executed while an iPhone is “off.” The mechanism...

/ May 16, 2022

Synack at Gartner’s 2022 Security and Risk Summit

Conference season is back! In addition to the RSA Conference, Synack will be well represented at the Gartner Security and Risk Summit June 7-9 in National Harbor, MD.  You can visit us at any time during the conference on the...

/ May 16, 2022