Blog Series
cybersecurity
IceXLoader malware targets home and...
IceXLoader, an updated version of a malware loader, is suspected of infecting thousands of personal and enterprise Windows machines around the world. IceXLoader is a commercially available malware that costs...
Patching Instead of Upgrading Legacy...
Operational technology (OT) is equipment and computer software used for analyzing utility control processes for critical infrastructure, while Industrial Control System (ICS) assets are the digital devices used in industrial...
Hackers exploit security flaw in...
A security researcher, David Schütz, has received a $70,000 bug bounty after he accidentally discovered a Google Pixel lock-screen bypass hack that solved a serious security problem on all Pixel...
Securing the Linux Kernel Hiding...
Operational Technology (OT) and Industrial Control Systems (ICS) technologies help ensure safety by monitoring and controlling critical operations. OT includes Supervisory Control and Data Acquisition (SCADA) and Distributed Control Systems...
Live Patching vs Virtual...
There are many different ways to improve upon traditional patching, so it’s easy to get confused about how each patching approach works. In the past, we’ve looked at traditional patching...
OpenSSL vulnerability feared as “critical”...
The long-awaited OpenSSL fixes for a critical-severity security hole are available now. New OpenSSL patches have reduced the severity of the bug from critical to high. The...
Researchers uncover 29 malicious PyPI...
Threat actors are distributing malicious Python packages to the popular Python Package Index (PyPI) service, using authentic-sounding file names, and hidden imports to deceive developers and steal their data. The...
RomCom RAT operators disguise malware...
RomCom, a threat actor, is said to be conducting a series of new attack campaigns using the brand power of SolarWinds, KeePass and PDF Technologies. It uses a RomCom RAT...
Cisco releases security updates to...
Cisco has released security updates to address two vulnerabilities that are classified as “high”: CVE-2022-20961 and CVE-2022-20956. The vulnerabilities affect the Cisco Identity Services Engine and could allow an attacker...
Embedded Linux: A Quick Beginner’s...
What Is an Embedded System? Before diving into embedded Linux, let’s first discuss what it’s used for: embedded systems. There are embedded systems in everything: consumer goods, industrial machinery, telecommunications...
Hackers use Clop ransomware to...
A hacker group that is identified simply as DEV-0950 is using Clop ransomware to encrypt the networks of organizations that were previously infected with the Raspberry Robin worm. Raspberry Robin...