Cybersecurity

Researchers Unmask Sandman APT’s Hidden Link to China-Based KEYPLUG Backdoor

Dec 11, 2023NewsroomThreat Intelligence / Cyber Attack Tactical and targeting overlaps have been discovered between the enigmatic advanced persistent threat (APT) called Sandman and a China-based threat cluster that’s known to use a backdoor known as KEYPLUG. The assessment comes jointly from SentinelOne, PwC, and the Microsoft Threat Intelligence team based on the fact that […]

Cybersecurity

Apache fixed Critical RCE flaw CVE-2023-50164 in Struts 2

Apache fixed Critical RCE flaw CVE-2023-50164 in Struts 2 Pierluigi Paganini December 11, 2023 The Apache Software Foundation addressed a critical remote code execution vulnerability in the Apache Struts 2 open-source framework. The Apache Software Foundation released security updates to address a critical file upload vulnerability in the Struts 2 open-source framework. Successful exploitation of […]

Cybersecurity

GULOADER Adds New Anti-Analysis Tactic to Arsenal | Cyware Hacker News

Security experts have unmasked a new trick adopted by the GULOADER malware to evade detection by antivirus software. The highly evasive shellcode downloader malware, which typically spreads through emails bearing ZIP archives or links containing a VBScript file, has been found leveraging Vectored Exception Handler (VEH) capability to make analysis challenging. More in detail According […]

Cybersecurity

CISA and ENISA signed a Working Arrangement to enhance cooperation

CISA and ENISA signed a Working Arrangement to enhance cooperation Pierluigi Paganini December 11, 2023 ENISA has signed a Working Arrangement with the US CISA to enhance capacity-building, best practices exchange and awareness. The European Union Agency for Cybersecurity (ENISA) has signed a Working Arrangement with the Cybersecurity and Infrastructure Security Agency (CISA) to enhance […]