Feb 28, 2024NewsroomCyber Espionage / Malware An Iran-nexus threat actor known as UNC1549 has been attributed with medium confidence to a new set of attacks targeting aerospace, aviation, and defense industries in the Middle East, including Israel and the U.A.E. Other targets of the cyber espionage activity likely include Turkey, India, and Albania, Google-owned Mandiant said … [Read more...] about Iran-Linked UNC1549 Hackers Target Middle East Aerospace & Defense Sectors
Defense
HijackLoader Expands Techniques to Improve Defense Evasion
HijackLoader continues to become increasingly popular among adversaries for deploying additional payloads and tooling A recent HijackLoader variant employs sophisticated techniques to enhance its complexity and defense evasion CrowdStrike detects this new HijackLoader variant using machine learning and behavior-based detection capabilities CrowdStrike researchers have … [Read more...] about HijackLoader Expands Techniques to Improve Defense Evasion
Google Unveils RETVec – Gmail’s New Defense Against Spam and Malicious Emails
Nov 30, 2023NewsroomMachine Learning / Email Security Google has revealed a new multilingual text vectorizer called RETVec (short for Resilient and Efficient Text Vectorizer) to help detect potentially harmful content such as spam and malicious emails in Gmail. "RETVec is trained to be resilient against character-level manipulations including insertion, deletion, typos, … [Read more...] about Google Unveils RETVec – Gmail’s New Defense Against Spam and Malicious Emails
Turla’s New DeliveryCheck Backdoor Breaches Ukrainian Defense Sector
Jul 20, 2023THNCyber Attack / Malware The defense sector in Ukraine and Eastern Europe has been targeted by a novel .NET-based backdoor called DeliveryCheck (aka CAPIBAR or GAMEDAY) that's capable of delivering next-stage payloads. The Microsoft threat intelligence team, in collaboration with the Computer Emergency Response Team of Ukraine (CERT-UA), attributed the attacks to … [Read more...] about Turla’s New DeliveryCheck Backdoor Breaches Ukrainian Defense Sector
Building a secure and scalable multi-cloud environment with Cisco Secure Firewall Threat Defense on Alkira Cloud
In today’s security climate, NetOps and SecOps teams are witnessing increased attack surface area as applications and workloads move far beyond the boundaries of their data center. These applications/workloads move to, and reside in multi-cloud architecture, adding complexity to connectivity, visibility, and control. In the multi-cloud world, the SecOps teams use a distributed … [Read more...] about Building a secure and scalable multi-cloud environment with Cisco Secure Firewall Threat Defense on Alkira Cloud
Secure Email Threat Defense: Providing critical insight into business risk
Attackers specifically craft business email compromise (BEC) and phishing emails using a combination of malicious techniques, expertly selected from an ever-evolving bag of tricks. They’ll use these techniques to impersonate a person or business that’s well-known to the targeted recipient and hide their true intentions, while attempting to avoid detection by security … [Read more...] about Secure Email Threat Defense: Providing critical insight into business risk
Stay on target: How accurate threat detection leads to better defense
The X-Wings began their run across the surface of the Death Star, racing to attack an exposed thermal exhaust port. Luke Skywalker was there, his tiny spacecraft rocking and shaking, buffeted by explosions. As he closed in on his target, Luke did something truly daring—he switched off his targeting system. He was now relying solely on the Force to help him find his … [Read more...] about Stay on target: How accurate threat detection leads to better defense
New “SockDetour” Fileless, Socketless Backdoor Targets U.S. Defense Contractors
Cybersecurity researchers have taken the wraps off a previously undocumented and stealthy custom malware called SockDetour that targeted U.S.-based defense contractors with the goal of being used as a secondary implant on compromised Windows hosts. "SockDetour is a backdoor that is designed to remain stealthily on compromised Windows servers so that it can serve as a backup … [Read more...] about New “SockDetour” Fileless, Socketless Backdoor Targets U.S. Defense Contractors
Hackers Exploited MSHTML Flaw to Spy on Government and Defense Targets
Cybersecurity researchers on Tuesday took the wraps off a multi-stage espionage campaign targeting high-ranking government officials overseeing national security policy and individuals in the defense industry in Western Asia. The attack is unique as it leverages Microsoft OneDrive as a command-and-control (C2) server and is split into as many as six stages to stay as hidden as … [Read more...] about Hackers Exploited MSHTML Flaw to Spy on Government and Defense Targets
Securing Multicloud Environments with Cisco Secure Firewall Threat Defense on Alkira Cloud
In today’s security climate, NetOps and SecOps teams are witnessing increased attack surface area as applications and workloads move far beyond the boundaries of their data center. These applications/workloads move to, and reside in, multicloud architecture, adding complexity to connectivity, visibility, and control. In the multicloud world, the SecOps teams use a distributed … [Read more...] about Securing Multicloud Environments with Cisco Secure Firewall Threat Defense on Alkira Cloud