LummaC2 Malware Deploys New Trigonometry-Based Anti-Sandbox Technique

Security researchers have discovered a new anti-sandbox technique in the stealer malware LummaC2, which uses trigonometry to evade detection and steal information. The malware monitors mouse movements to detect human activity, aiding its concealment. The malware was discovered in December 2022 and has been continuously updated, making it increasingly hard to analyze.

A Loss Prevention Psychology Perspective

The increasing digitization of workplaces carries significant risks, including employee-driven cybercrime, which could cost the global economy $10.5 trillion annually by 2025. Loss prevention psychology (LPP) offers strategies for mitigating cybercrime risks, ranging from secure systems and encryption to employee education about cyber risks. Employee deviance, though less serious than cybercrime, can still harm an […]

Navigating the Waters of AI: Safeguarding Against Data Security Risks

To avoid data security risks associated with AI, organizations should understand and evaluate their data sources, implement strong encryption, adopt federated learning, regularly update and patch AI systems, and restrict access to these systems. Regular security audits, personnel training, and compliance with privacy regulations are also essential. This proactive approach will protect sensitive information and […]

Privacy and data security ‘imperative for every financial organization’

Cyber attacks are increasing, with finance being the most targeted industry, particularly in the Middle East. Kingston Technology Europe is urging banks to enhance their security frameworks with next-generation devices. The company recommends password-protected, hardware-encrypted USB drives for optimal data protection. The Middle Eastern cybersecurity market is expected to reach about $30 billion by 2025. […]

Researchers warn of advanced evasion techniques in LummaC2 v4.0 malware

Cybersecurity company Outpost24 AB has warned of a new version of notorious malware, LummaC2 v4.0, which uses advanced anti-detection techniques. The malware, designed to covertly extract sensitive data, now delays activation until it detects genuine human mouse activity, making analysis difficult for cybersecurity researchers. Other new features include Control Flow Flattening Obfuscation, XOR encryption, dynamic […]

Bitcoin Wallets Created b/w 2011-2015 Vulnerable to Hacking

Bitcoin wallets made between 2011 and 2015 are vulnerable to a new exploit called Randstorm, according to a report by Unciphered. The exploit allows potential bad actors to recover passwords and gain illicit access to a multitude of wallets across several blockchain platforms. It is estimated that around 1.4 million bitcoins are stored in such […]

Why Business Organizations Must Implement the Zero Trust Security Strategy and Execute It Diligently | by David Pui | Technology Hits | Nov, 2023

The author discusses the rise in cyber threats and the importance of implementing security solutions in businesses. He suggests that enterprise architects and business decision makers must consider people, processes, business, and data in their strategies. The author also emphasizes the need for organizations to develop a Zero Trust Architecture Strategy due to the rising […]

Hackers Exploiting Zimbra 0-day to Attack

Google’s Threat Analysis Group (TAG) detected a zero-day exploit targeting Zimbra Collaboration, an open-source email server used by over 5,000 organisations globally. The bug, known as CVE-2023-37580, allows cross-site scripting and led to the theft of user credentials, email data, and authentication tokens by four distinct groups. Zimbra released a hotfix to address this […]

Hackers Exploiting Zimbra 0-day to Attack

Google’s Threat Analysis Group found a bug in open-source software Zimbra Collaboration, which is used by over 5,000 companies across the globe. The bug, known as CVE-2023-37580, was exploited by four different groups who stole email data, user credentials and authentication tokens. Zimbra Collaboration users must keep their software updated and promptly apply security updates […]

Leveraging Sandbox and Threat Intelligence Feeds to Combat Cyber Threats

Using a malware sandbox and threat intelligence feeds in tandem can significantly improve cyber security. A malware sandbox provides a safe space to analyse and execute suspicious files without risk of harming the user’s system, while threat intelligence feeds supply real-time streams of information on cyber threats. Together, they can increase detection rates, lower false […]