Articles

Episode 244: ZuoRAT brings APT Tactics to Home Networks

By The Security Ledger | October 14, 2022

In this episode of the Security Ledger podcast, brought to you by ReversingLabs, we interview Danny Adamitis (@dadamitis) of Black Lotus Labs about the discovery of ZuoRAT, malware that targets SOHO routers – and is outfitted with APT-style tools for attacking the devices connected to home networks. As always,  you can check our full conversation in our latest Security Ledger podcast at Blubrry. You can also listen to it on iTunes and Spotify. Or, check us out on Google Podcasts, Stitcher, Radio Public and more. Also: if you enjoy this podcast, consider signing up to receive it in your email. Just point your web browser to securityledger.com/subscribe to get notified whenever a new podcast is posted.  [MP3] Cyber attacks on small office and home office (or SOHO) routers aren’t new. Back in 2016, the malware known as Mirai made headlines across the world by infecting hundreds of thousands of weekly protected SOHO routers and DVR devices and stringing them into […]

The post Episode 244: ZuoRAT brings APT Tactics to Home Networks appeared first on The Security Ledger with Paul F. Roberts.

Episode 243: An Interview with Chris Hoff Chief Secure Technology Officer at LastPass Episode 243: The CSTO is a thing- a conversation with Chris Hoff of LastPass

By The Security Ledger | September 14, 2022

Paul talks with Chris Hoff the Chief Secure Technology Officer at LastPass about the CSTO role and the security implications of “software eating the world.”

The post Episode 243: The CSTO is a thing- a conversation with Chris Hoff of LastPass appeared first on The Security Ledger with Paul F. Roberts.

Episode 242: Hacking the Farm (and John Deere) with Sick Codes

By The Security Ledger | September 5, 2022

In our latest podcast, Paul caught up with Sick Codes (@sickcodes) to talk about his now-legendary presentation at the DEF CON Conference in Las Vegas, in which he demonstrated a hack that ran the Doom first person shooter on a John Deere 4240 touch-screen monitor.

The post Episode 242: Hacking the Farm (and John Deere) with Sick Codes appeared first on The Security Ledger with Paul F. Roberts.

Student Loan Breach Exposes 2.5M Records

By ThreatPost | August 31, 2022

2.5 million people were affected, in a breach that could spell more trouble down the line.

Watering Hole Attacks Push ScanBox Keylogger

By ThreatPost | August 30, 2022

Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.

Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

By ThreatPost | August 29, 2022

Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system.

Ransomware Attacks are on the Rise

By ThreatPost | August 26, 2022

Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group.

Cybercriminals Are Selling Access to Chinese Surveillance Cameras

By ThreatPost | August 25, 2022

Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed.

Twitter Whistleblower Complaint: The TL;DR Version

By ThreatPost | August 24, 2022

Twitter is blasted for security and privacy lapses by the company’s former head of security who alleges the social media giant’s actions amount to a national security risk.

Firewall Bug Under Active Attack Triggers CISA Warning

By ThreatPost | August 23, 2022

CISA is warning that Palo Alto Networks’ PAN-OS is under active attack and needs to be patched ASAP.