Wired is reporting on a new remote-access Trojan that is able to infect at least eighty different targets: So far, researchers from Lumen Technologies’ Black Lotus Labs say they’ve identified at least 80 targets infected by the stealthy malware, including routers made by Cisco, Netgear, Asus, and DrayTek.
Network security architecture is a strategy that provides formal processes to design robust and secure networks. This article explores network security architecture components, goals, best practices, frameworks, implementation, and benefits as well as where you can learn more about network security architecture.
To wrap up our 2024 year-end roundtable, we turn our attention to new technologies and trends that are emerging to help bridge the gaps. While fully agentic AI malware remains years away, the industry must prepare now. We can expect security teams feeling pressure to adopt new technology quickly.
The malware uses different strings to load libraries and functions required for execution. q=0" Icon File Name : %systemroot%System32moricons.dll Machine ID : desktop-84bs21b Downloader module The RTF exploits and LNK files execute the same JavaScript malware. In particular, Avast and AVG solutions are of interest to the malware.
Experts uncovered a new Go-based multi-platform malware, tracked as NKAbuse, which is the first malware abusing NKN technology. Researchers from Kaspersky’s Global Emergency Response Team ( GERT ) and GReAT uncovered a new multiplatform malware dubbed NKAbuse. The protocol enables secure and low-cost data transfer.
However, as technology evolves, we also observe a growing interest in the newly released platform from malware adversaries. This inevitably leads us to new malware samples compiled for the Apple Silicon platform. section at the end of the article for those who want to understand better the security risks of M1 malware.
This proves beyond any doubt that enterprises are experiencing increasing threats and full-on attacks to their information technology systems. To safeguard their network systems and entire security architecture, […]… Read More. The post The State of Security: Malware in 2022 appeared first on The State of Security.
” Or said another way, “architecture matters”. Through centralized policy, security treatments like malware scanning, web filtering, and data leakage protection, occur close to the employee, 3rd party, or device. The post Architecture Matters When it Comes to SSE appeared first on Cybersecurity Insiders.
At RSA Conference 2022, which takes place next week in San Francisco, advanced technologies to help companies implement zero trust principles will be in the spotlight. Votiro has established itself as a leading supplier of advanced technology to cleanse weaponized files. This is a very good thing.
Boffins developed a tool dubbed DroidMorph that provides morphing of Android applications (APKs) and allows the creation of clones of Android apps (malware/benign). The experts demonstrated that, using the tool, it is possible to bypass Android anti-malware solutions by performing permutations of the malware.
With adversaries destroying backups to increase extortion payouts, recovery will grow harder and slower, emphasizing the need for stronger security controls and architecture. VSaaS reduces hardware requirements and energy consumption, supporting organizations’ environmental goals while meeting customer expectations.
M&A invariably creates technology gaps that bad actors prey upon. Access controls are the nexus of security and the expanding perimeter, and zero trust is the architecture that encompasses it. Zero trust is an all-inclusive security and privacy architecture. Patient data exposures.
A new multifunctional Go-based malware dubbed Chaos is targeting both Windows and Linux systems, experts warn. Researchers from Black Lotus Labs at Lumen Technologies, recently uncovered a multifunctional Go-based malware that was developed to target devices based on multiple architectures, including Windows and Linux.
We are often asked how targets are infected with malware. Last month, we focused on infection methods used in various malware campaigns: methods that we do not see used very often. It now has a second optional command line parameter: “-bomb” When that parameter is used, the malware does the following: ?onnect
Multiple threat actors actively exploited the recently disclosed OSGeo GeoServer GeoTools flaw CVE-2024-36401 in malware-based campaigns. The researchers observed threat actors exploiting CVE-2024-36401 in attacks aimed at IT service providers in India, technology companies in the U.S.,
As we approach 2025, the cybersecurity landscape is evolving rapidly, shaped by technological advancements, regulatory shifts, and emerging threats. By 2027, 75% of employees are expected to acquire or modify technology outside of IT’s control, up from 41% in 2022. To keep up, organizations must stay ahead of these developments.
This malware is a full-featured backdoor containing sufficient capabilities to control the compromised victim. The malware operator exclusively used compromised web servers located in South Korea for this attack. Then, the spawned malware overwrites the legitimate application with the Trojanized application. Backdoor creation.
Analysis of the DLL reveals that it is a Core Module of multi-plugin malware developed by CoughingDown in late September 2020 and that there is indeed a significant code overlap (same RC4 key, same command numbers). Among these is EAGERBEE, a malware framework primarily designed to operate in memory. dat';(Get-Item ).creationtime
Protection via training, education: Defending against these evolving threats requires more than just technology; it demands well-trained personnel at all levels. For example, network defense and malware analysis labs show engineers how to contain ransomware outbreaks. million per incident?
UK and US cybersecurity agencies linked Cyclops Blink malware to Russia’s Sandworm APT. US and UK cybersecurity and law enforcement agencies published a joint security advisory about a new malware, dubbed Cyclops Blink, that has been linked to the Russian-backed Sandworm APT group. Pierluigi Paganini.
It is recommended that organizations should consider AI-powered deception technologies to detect and neutralize AI-driven threats. Deepfake phishing, AI-generated malware, and automated spear-phishing campaigns are already on the rise. Organizations should integrate AI-driven risk scoring into their Zero Trust architecture.
Dropper modules also patch Windows native API functions, related to event tracing (ETW) and anti-malware scan interface (AMSI), to make the infection process stealthier. In Main.start the malware checks if the host is in the domain and only works if it’s true. Architecture (x86 or x64). Quite unusual among the commands.
If you have read our previous blogpost “ Targeted Malware Reverse Engineering Workshop follow-up. The experts also had a fireside chat with Igor Skochinsky of Hex-Rays and introduced the Targeted Malware Reverse Engineering online self-study course. Questions related to malware analysis. So, not often, but they do exist.
Along with the Pirrit Mac adware identified earlier this week, researchers from Red Canary identified Thursday a different malware strain (Jon Rawlinson/CC BY 2.0)). In just three months, hackers have debuted at least two strains of malware designed to attack Apple’s new M1 chip.
Researchers from Trend Micro have spotted a new Linux botnet employing multiple emerging techniques among cyber-criminals, including the use of Tor proxies, the abuse of legitimate DevOps tools, and the removal or deactivation of competing malware. for spreading. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.
Like any other network, 5G networks are vulnerable to various types of cyber attacks, such as distributed denial-of-service (DDoS) attacks, phishing attacks, and malware infections. For example, 5G networks use advanced encryption technologies to protect the confidentiality and integrity of data transmitted over the network.
With the addition of Kenna Security into our program we now have over 250 technology partners and over 400 integrations for our mutual customers to utilize. An integration with Cigent Technology is now available for Secure Endpoint customers to integrate with. Kenna has a healthy 3rd Party ecosystem of technology partners.
During an incident response performed by Kaspersky’s Global Emergency Response Team ( GERT ) and GReAT, we uncovered a novel multiplatform threat named “NKAbuse” The malware utilizes NKN technology for data exchange between peers, functioning as a potent implant, and equipped with both flooder and backdoor capabilities.
enterprises embrace AI to boost productivity, accelerate decision-making, and automate workflows, to name a few benefits, cybercriminals are using the same technology to automate and scale more sophisticated attacks. visibility: Get in-depth visibility into AI application trends and interactions through interactive dashboards. AI-powered
The following chart shows the evolution timeline of this malware since its discovery. The hashing algorithm is used by the malware to calculate hashes for API function names, to resolve the function addresses. Checking the OS architecture and the next shellcode architecture. and v0.6.5, Timeline of LODEINFO releases.
I first tapped Gunter Ollmann’s insights about botnets and evolving malware some 20 years ago when he was a VP Research at Damballa and I was covering Microsoft for USA TODAY. LW: In what noteworthy ways have legacy technologies evolved? LW: What does the integration of iterated legacy tools into edge-focused newer technologies look like?
Latin American Javali trojan weaponizing Avira antivirus legitimate injector to implant malware. Latin American trojans share the same modus operandi and even modules and blocks of code observed during the analysis of several malware samples. Background of Latin American Trojans.
Malware researchers analyzed the application of Large Language Models (LLM) to malware automation investigating future abuse in autonomous threats. We explored a potential architecture of an autonomous malware threat based on four main steps: an AI-empowered reconnaissances, reasoning and planning phase, and the AI-assisted execution.
And when malware, ransomware, or other cyber threats get in the way, the focus shifts from forward progress to focused co-operation. Business initiatives demand faster, more efficient outcomes and technology responds. In golf there’s a popular saying: play the course, not your opponent. Related: How ‘CAASM’ closes gaps.
Resecurity has identified a new underground marketplace in the Dark Web oriented towards mobile malware developers and operators. This trend comes from the “Man in The Browser” (MiTB) attacks and WEB-injects designed for traditional PC-based malware such as Zeus, Gozi and SpyEye.
This Linux distribution for malware analysis includes hundreds of new and classic tools for examining executables, documents, scripts, and other forms of malicious code. Revamped REMnux documentation provides an extensive, categorized listing of the installed malware analysis tools, and lists their authors, websites, and license details.
Now mix in architectural changes that support cloud productivity suites like Microsoft 365 and Google’s G-Suite to accelerate your business to cloud-based email security services. When it comes to safeguarding email against today’s advanced threats like phishing and malware information is power.
based supplier of networking technology. Legacy security architectures just don’t fit this massively complex, highly dynamic environment. This means that on the protection side of the equation, we need to get smarter about leveraging technology to try to help companies deal with this very complex security challenge.”.
The cybersecurity world has been abuzz with news of a new Linux variant of FASTCash, a sophisticated malware targeting the banking sector. This new variant, designed to exploit Linux systems, signals a significant evolution in malware capabilities, highlighting the urgent need for robust defenses.
A blend of robotic process automation, machine learning technology, and artificial intelligence, hyperautomation seeks to refine and improve business and technology processes that previously required a human decision-maker. The major disadvantages of hyperautomation: Requires a next-gen technology infrastructure.
Office furniture company Steelcase was hit by Ryuk ransomware attack that forced it to shut down its network to avoid the malware from spreading. Steelcase is a US-based furniture company that produces office furniture, architectural and technology products for office environments and the education, health care and retail industries.
But last week, Barracuda took the highly unusual step of offering to replace compromised ESGs, evidently in response to malware that altered the systems in such a fundamental way that they could no longer be secured remotely with software updates. “Patch your #Fortigate.”
Ransomware and fileless malware breaches will rapidly continue to destabilize businesses in 2021. This also means that attackers can save a lot of time needed for malware generation, thus making unwanted access relatively easy to accomplish. One proven way to overcome these kinds of attacks is by implementing zero trust architecture.