Watch Out! FormBook Malware Using New MalVirt Loader to Evade Detection

Building trust with persistent third-party risk management

Strong third-party relationships are more important than ever to businesses today. As the recent pandemic has clearly demonstrated, any disruptions to strategic partnerships--such as supply chain networks and manufacturers--can have a huge impact on a brand’s reputation and financial well-being. That’s why robust third-party risk management (TPRM) should play a key role in any company’s overall risk management strategy.

GuLoader Malware Using Malicious NSIS Executable to Target E-Commerce Industry

E-commerce industries in South Korea and the U.S. are at the receiving end of an ongoing GuLoader malware campaign, cybersecurity firm Trellix disclosed late last month. The malspam activity is notable for transitioning away from malware-laced Microsoft Word documents to NSIS executable files for loading the malware. Other countries targeted as part of the campaign include Germany, Saudi ...

Microsoft: Iranian Nation-State Group Sanctioned by U.S. Behind Charlie Hebdo Hack

An Iranian nation-state group sanctioned by the U.S. government has been attributed to the hack of the French satirical magazine Charlie Hebdo in early January 2023. Microsoft, which disclosed details of the incident, is tracking the activity cluster under its chemical element-themed moniker NEPTUNIUM, which is an Iran-based company known as Emennet Pasargad. In January 2022, the U.S. ...

5 Must Haves in an Automated Security Platform

Researching and committing to an automated security platform can be a confusing process. You know you need to get compliant – quickly. And, you understand that an automated platform can help make that happen. What should you focus on when deciding which platform is right for ...

SaaS in the Real World: Who's Responsible to Secure this Data?

When SaaS applications started growing in popularity, it was unclear who was responsible for securing the data. Today, most security and IT teams understand the shared responsibility model, in which the SaaS vendor is responsible for securing the application, while the organization is responsible for securing their data.  What’s far murkier, however, is where the data responsibility lies on ...

OpenSSH Releases Patch for New Pre-Auth Double Free Vulnerability

The maintainers of OpenSSH have released OpenSSH 9.2 to address a number of security bugs, including a memory safety vulnerability in the OpenSSH server (sshd). Tracked as CVE-2023-25136, the shortcoming has been classified as a pre-authentication double free vulnerability that was introduced in version 9.1. "This is not believed to be exploitable, and it occurs in the unprivileged ...

FormBook Malware Spreads via Malvertising Using MalVirt Loader to Evade Detection

An ongoing malvertising campaign is being used to distribute virtualized .NET loaders that are designed to deploy the FormBook information-stealing malware. "The loaders, dubbed MalVirt, use obfuscated virtualization for anti-analysis and evasion along with the Windows Process Explorer driver for terminating processes," SentinelOne researchers Aleksandar Milenkoski and Tom Hegel said in ...

PixPirate: New Android Banking Trojan Targeting Brazilian Financial Institutions

A new Android banking trojan has set its eyes on Brazilian financial institutions to commit fraud by leveraging the PIX payments platform. Italian cybersecurity company Cleafy, which discovered the malware between the end of 2022 and the beginning of 2023, is tracking it under the name PixPirate. "PixPirate belongs to the newest generation of Android banking trojan, as it can perform ATS ...

New Wave of Ransomware Attacks Exploiting VMware Bug to Target ESXi Servers

VMware ESXi hypervisors are the target of a new wave of attacks designed to deploy ransomware on compromised systems. "These attack campaigns appear to exploit CVE-2021-21974, for which a patch has been available since February 23, 2021," the Computer Emergency Response Team (CERT) of France said in an advisory on Friday. VMware, in its own alert released at the time, described the issue as ...

Building trust with persistent third-party risk management

Strong third-party relationships are more important than ever to businesses today. As the recent pandemic has clearly demonstrated, any disruptions to strategic partnerships--such as supply chain networks and manufacturers--can have a huge impact on a brand’s reputation and financial well-being. That’s why robust third-party risk management (TPRM) should play a key role in any company’s overall risk management strategy.