The Network Company Blog

We Keep you Connected

The Network Company Blog

Microsoft Word documents exploiting known remote code execution flaws are being used as phishing lures to drop malware called LokiBot on compromised systems.“LokiBot, also known as Loki PWS, has been a well-known information-stealing Trojan active since 2015,” Fortinet FortiGuard Labs researcher Cara Lin said. “It primarily targets Windows systems and aims to gather sensitive information from infected machines.”The cybersecurity company, which spotted the campaign in May 2023, said the attacks take advantage of CVE-2021-40444 and
Using Snapshots to Improve Data SecurityYour email has been sent How snapshots — point-in-time copies of data — can improve data security. Teams responsible for developing scalable enterprise applications need efficient approaches to protecting data. Snapshots are a good way to improve resilience, protect against ransomware and speed recovery.Jump to:Snapshots are point-in-time copies that provide near-instantaneous data protection. By copying storage metadata rather than on the data itself, they provide a record of where each
Threat actors are taking advantage of Android’s WebAPK technology to trick unsuspecting users into installing malicious web apps on Android phones that are designed to capture sensitive personal information.“The attack began with victims receiving SMS messages suggesting the need to update a mobile banking application,” researchers from CSIRT KNF said in an analysis released last week. “The link contained in the message led to a site that used WebAPK technology to install a malicious application
Armis, Honeywell Uncover Vulnerabilities in Honeywell SystemsYour email has been sent Newly discovered vulnerabilities in distributed control systems could allow attackers access to systems supporting industrial, energy, chemical and other operations. Security company Armis, in collaboration with operational technology company Honeywell, identified new vulnerabilities in Honeywell Experion distributed control system platforms. These vulnerabilities could potentially allow remote execution of malware on Honeywell servers and controllers, the companies said.Tom Gol, chief information officer for research at
The Cybersecurity and Infrastructure Security Agency (CISA) this week is warning that a bevy of Truebot malware variants are increasingly being utilized by threat actors against various organizations in the US and Canada.CISA, alongside the Federal Bureau of Investigation (FBI), Multi-State Information Sharing and Analysis Center (MS-ISAC), and the Canadian Center for Cyber Security (CCCS), noted that cyber threat actors are using phishing campaigns with malicious hyperlinks to deliver Truebot variants to a variety of targets, or
The hype around different security categories can make it difficult to discern features and capabilities from bias when researching new platforms. You want to advance your security measures, but what steps actually make sense for your business? For anyone ready to find an attack surface management (ASM) vendor, review these six questions before getting started to understand the key features to look for in an ASM platform and the qualities of the vendor who supports
An unnamed Federal Civilian Executive Branch (FCEB) agency in the U.S. detected anomalous email activity in mid-June 2023, leading to Microsoft’s discovery of a new China-linked espionage campaign targeting two dozen organizations.The details come from a joint cybersecurity advisory released by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) on July 12, 2023.“In June 2023, a Federal Civilian Executive Branch (FCEB) agency identified suspicious activity in their Microsoft 365
Artificial intelligence (AI) holds immense potential for optimizing internal processes within businesses. However, it also comes with legitimate concerns regarding unauthorized use, including data loss risks and legal consequences. In this article, we will explore the risks associated with AI implementation and discuss measures to minimize damages. Additionally, we will examine regulatory initiatives by countries and ethical frameworks adopted by companies to regulate AI.Cybercriminals can leverage AI in various ways to enhance their phishing attacks
Cyber attacks using infected USB infection drives as an initial access vector have witnessed a three-fold increase in the first half of 2023, That’s according to new findings from Mandiant, which detailed two such campaigns – SOGU and SNOWYDRIVE – targeting both public and private sector entities across the world.SOGU is the “most prevalent USB-based cyber espionage attack using USB flash drives and one of the most aggressive cyber espionage campaigns targeting both public and
Charlotte, NC (July 10, 2023) – Honeywell (Nasdaq: HON) today announced it has agreed to acquire SCADAfence, a leading provider of operational technology (OT) and Internet of Things (IoT) cybersecurity solutions for monitoring large-scale networks. SCADAfence brings proven capabilities in asset discovery, threat detection and security governance which are key to industrial and buildings management cybersecurity programs. The OT cybersecurity industry is expected to grow to greater than $10 billion in the next several years. Particularly in
By Alex Delamotte, with Ian Ahl (Permiso) and Daniel Bohannon (Permiso)In December 2022, the threat research team at Permiso Security reported about a cloud credential stealer campaign that primarily targeted Amazon Web Services (AWS) credentials from public-facing Jupyter Notebooks services. The actors likely accessed these impacted services through unpatched web application vulnerabilities.From June 14, 2023 through the end of the month, we worked with the Permiso team to track and analyze files related to a
Government entities, military organizations, and civilian users in Ukraine and Poland have been targeted as part of a series of campaigns designed to steal sensitive data and gain persistent remote access to the infected systems.The intrusion set, which stretches from April 2022 to July 2023, leverages phishing lures and decoy documents to deploy a downloader malware called PicassoLoader, which acts as a conduit to launch Cobalt Strike Beacon and njRAT.“The attacks used a multistage infection
All-In-One Security (AIOS), a WordPress plugin installed on over one million sites, has issued a security update after a bug introduced in version 5.1.9 of the software caused users’ passwords being added to the database in plaintext format.“A malicious site administrator (i.e. a user already logged into the site as an admin) could then have read them,” UpdraftPlus, the maintainers of AIOS, said.“This would be a problem if those site administrators were to try out
How to Check If Someone Else Accessed Your Google AccountYour email has been sent Review your recent Gmail access, browser sign-in history and Google account activity to make sure no one other than you has used your account. Whenever a computer is out of your direct view and control, there’s always a chance that someone other than you can gain access. A person who returns from a trip might wonder if their computer and accounts
Organizations worldwide are in a race to adopt AI technologies into their cybersecurity programs and tools. A majority (65%) of developers use or plan on using AI in testing efforts in the next three years. There are many security applications that will benefit from generative AI, but is fixing code one of them?For many DevSecOps teams, generative AI represents the holy grail for clearing their increasing vulnerability backlogs. Well over half (66%) of organizations say

GET THE LATEST UPDATES, OFFERS, INFORMATION & MORE