Network Security

macOS MetaStealer | New Family of Obfuscated Go Infostealers Spread in Targeted Attacks 

This year has seen an explosion of infostealers targeting the macOS platform. Throughout 2023, we have observed a number of new infostealer families including MacStealer, Pureland, Atomic Stealer and RealStealer (aka Realst). Over the last few months, we have also been tracking a family of infostealers we call ‘MetaStealer’. Last week, Apple dropped a new …

The Good, the Bad and the Ugly in Cybersecurity – Week 36

The Good | US and UK Sanction Russian Cybercrime Gang The US and UK governments imposed joint sanctions on 11 Russian individuals this week for their part in ransomware and other cybercrime activities widely attributed to the Conti and TrickBot gangs. Nine of the eleven have further been charged with ransomware offences in the US. …

LABScon 2023 | Security Research in Real Time – Talks Not to Miss, Part One

LABScon is back – after last year’s stunning success, the bespoke, invite-only conference for the cybersecurity industry’s leading experts, threat investigators, journalists, academics and government partners returns for its second installment in Scottsdale, Arizona from 20th September through to 24th (places are limited, but it’s still possible to request an invite). Showcasing cutting-edge research into …

Feature Spotlight | Auto-Discover Unprotected Amazon EC2 Instances with Cloud Rogues

SentinelOne is pleased to announce general availability (GA) of Cloud Rogues, an exciting new feature of our real-time cloud workload protection platform (CWPP), Singularity Cloud Workload Security. Cloud Rogues continuously monitors virtual machines (VMs) in all AWS accounts where it is enabled, across all regions. It automates a complete inventory of unprotected VMs and identifies …

Protecting the Checkout Line | Understanding the Top Threats to Retail Cybersecurity

The retail sector, a cornerstone of the global economy, has faced an unprecedented wave of cyberattacks in recent years. Innovations in e-commerce and payment technology have transformed the way consumers shop, but they have also opened up new avenues for cyber threats. The consequences of these attacks can reach far beyond the immediate financial losses. …

The Good, the Bad and the Ugly in Cybersecurity – Week 35

The Good | International Operation Takes Down Multi-Layered Qakbot Infrastructure Qakbot, a long-established malware and botnet infrastructure in the cyber threat ecosystem, was toppled this week after a successful global operation led by US authorities. Dubbed “Operation Duck Hunt”, the joint operation involved redirecting the botnet’s communication to FBI-controlled servers. The FBI seized the botnet’s …

Endpoint, Identity and Cloud | Top Cyber Attacks of 2023 (So Far)

2023 has been no stranger to cyber threats and both the rates and sophistication of attacks launched have only continued on their upward trajectories. Based on findings from a recent Cyber Threat Intelligence Index report, threats like ransomware, data breaches, and software vulnerabilities have all made major impacts on the landscape this year. As global …

Threat Actor Interplay | Good Day’s Victim Portals and Their Ties to Cloak

Good Day ransomware, a variant within the ARCrypter family, was first observed in-the-wild in May of 2023. Between June and August of 2023, we observed an uptick in Good Day ransomware campaigns and a proliferation of new ransom note samples in public malware repositories. This new wave of Good Day attacks features individual TOR-based victim …

Public Sector Cybersecurity | Why State & Local Governments Are at Risk

State and local governments have increasingly fallen prey to cybercriminals seeking to exploit often outdated technology systems and limited cybersecurity resources. Their vital role in delivering essential public services, coupled with the vast amounts of sensitive citizen data they store, makes them attractive targets. Attacks on government institutions not only disrupt crucial services but also …

The Good, the Bad and the Ugly in Cybersecurity – Week 34

The Good | Lapsus$ Teen Members Found Responsible for High-Profile Cyber Crime Spree This week, a London jury found 18-year-old Arion Kurtaj of Oxford, UK to be responsible for a series of cyberattacks against major firms, including Uber, Nvidia, and Rockstar Games. Additional charges include computer intrusion, fraud, and the demand for millions of …
