Analysis - Information Management Today

ZLoader Malware adds Zeus’s anti-analysis feature

Security Affairs

MAY 3, 2024

Zloader continues to evolve, its authors added an anti-analysis feature that was originally present in the Zeus banking trojan. Recently, its authors reintroduced an anti-analysis feature similar to the one implemented in the original ZeuS 2.x ” reads the analysis published by Zscaler. ” continues the analysis.

Data structuring

Data structuring Communications IT Information Security

Improve safety using root cause analysis and strengthening information management

OpenText Information Management

NOVEMBER 13, 2024

The power of root cause analysis Having worked in the energy industry for two decades and seen accidents and have been exposed to hazards, root causes analysis (RCA) was engrained in me by the organizations I worked for and served. Just as human action needs to be managed to achieve business outcomes, so does information.

Energy and Utilities

Energy and Utilities Mining Communications Risk

Apple addressed two actively exploited zero-day vulnerabilities

Security Affairs

NOVEMBER 20, 2024

Clément Lecigne and Benoît Sevens of Google’s Threat Analysis Group discovered both vulnerabilities. Google’s Threat Analysis Group (TAG) focuses on protecting users by monitoring and countering advanced persistent threats (APTs) and cyber-espionage activities, often involving commercial spyware.

Security

Security IT

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

The 2025 Information Management Tech Stack

AIIM

OCTOBER 15, 2024

On October 1, 2024, at the AIIM Information and Data Leadership Symposium in Arlington, VA, I had an enlightening conversation with Alan Pelz-Sharpe, Founder of Deep Analysis.

Artificial Intelligence

How ZoomInfo Enhances Your Database Management Strategy

Advertiser: ZoomInfo

Download this ebook to learn how to maintain a strategy that includes refreshed information, database cleanses, and an accurate analysis at the same time. Forward-thinking marketing organizations have continuously invested in a database strategy for enabling marketing processes.

Marketing

Report claims that Serbian authorities abused Cellebrite tool to install NoviSpy spyware

Security Affairs

DECEMBER 16, 2024

Second, the analysis revealed a previously undetected spyware, named “NoviSpy,” which can extract personal data, activate the devices microphone or camera, and was installed during police possession of his phone. .”

Personal data

Personal data Encryption Security Privacy

Threat actor leaked config files and VPN passwords for over Fortinet Fortigate devices

Security Affairs

JANUARY 15, 2025

The analysis of the configuration files revealed that all the FortiOS versions in the data set were older than version 7.2.2, .” According to Heise security , the published data doesn’t appear to be linked to recently published vulnerabilities in the FortiOS appliance operating system. released in October 2022.

Passwords

Passwords Security IT Data breaches

SpyLend Android malware found on Google Play enabled financial cyber crime and extortion

Security Affairs

FEBRUARY 24, 2025

“The analysis of SpyLend reveals a highly deceptive and dangerous threat targeting Android users. The malware exploits APIs to access files, contacts, call logs, SMS, and installed apps. ” concludes the report.

Access

Access Marketing Privacy IT

MikroTik botnet relies on DNS misconfiguration to spread malware

Security Affairs

JANUARY 16, 2025

” The analysis of the headers of the spam messages revealed a botnet of ~13,000 hijacked MikroTik devices, forming a network capable of executing large-scale malicious activities. The zip archive contains an obfuscated JavaScript file, which creates and executes a PowerShell script that connects to the C2 (62.133.60[.]137),

File names

File names Authentication Access Archiving

5 Ways You Can Win Faster with Gen AI in Sales

Advertiser: ZoomInfo

Gen AI is a game changer for busy salespeople and can reduce time-consuming tasks, such as customer research, note-taking, and writing emails, and provide insightful data analysis and recommendations. This frees up valuable time for sellers to focus more on building relationships and closing deals.

Sales

This iOS 18 feature shares your photos with Apple for analysis. Should you be worried?

Collaboration 2.0

JANUARY 6, 2025

Enhanced Visual Search sends photos to Apple to help identify landmarks and other items. Here's why it has some users concerned and how to opt out.

IT

The Mask APT is back after 10 years of silence

Security Affairs

DECEMBER 18, 2024

” reads the analysis published by Kaspersky. . “The persistence method used by the threat actor was based on WorldClient allowing loading of extensions that handle custom HTTP requests from clients to the email server.”

Government

Government IT Access Information Security

Apple indeed added a feature called “inactivity reboot” in iOS 18.1 that reboots locked devices

Security Affairs

NOVEMBER 12, 2024

The feature makes it harder for police forensics analysis of the devices. It suggests taking inventory to check if any AFU devices have already rebooted. 404 Media now confirmed that Apple quietly introduced code into iOS 18.1 that reboots iPhones if it has not been unlocked for a period of time. ” reported 404 Media.

Encryption

Encryption Passwords Security Communications

Russia-linked espionage group UNC5812 targets Ukraine’s military with malware

Security Affairs

OCTOBER 29, 2024

Although the site claims to support macOS and iPhones, only Windows and Android payloads were available during the analysis. For Android users, a malicious APK installs a variant of the CRAXSRAT backdoor, sometimes bundled with SUNSPINNER.

Military

Military IT Security Information Security

Drive Better Decision-Making with Data Storytelling

A good data story is formed by three components: Data analysis - This is the basis of a strong story and mastering the data is an essential part of the process. Data-driven storytelling could be used to influence user actions, and ensure they understand what data matters the most.

How ChatGPT scanned 170k lines of code in seconds, saving me hours of work

Collaboration 2.0

OCTOBER 24, 2024

Have a question that requires a lot of text or numerical analysis? Consider running it by ChatGPT or another popular model -- the answer might surprise you.

IT

If your AI-generated code becomes faulty, who faces the most liability exposure?

Collaboration 2.0

DECEMBER 22, 2024

Our Part 2 analysis examines this sticky issue if a catastrophic outcome occurs. Who is liable: the product maker, the library coder, or the company that chose the product?

Libraries

Broadcom fixed information disclosure flaws in VMware Aria Operations

Security Affairs

JANUARY 31, 2025

The vulnerability was discovered by cybersecurity firm Horizon3, which published a technical analysis of the flaw. Updated VMSA to note that VMware has confirmed that exploit code for CVE-2023-34051 has been published. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,VMware)

Authentication

Authentication Cloud Cybersecurity Access

A large botnet targets M365 accounts with password spraying attacks

Security Affairs

FEBRUARY 24, 2025

The analysis of netflow data identified recurring attacker IPs, primarily hosted at SharkTech, with traffic over ports 12341, 12342, and 12348. The attackers used basic authentication methods. The attacks use “fasthttp” as the user agent, the researchers found online reports of similar password-spraying attacks.

Passwords

Passwords Authentication Access Cybersecurity

How to Build Data Experiences for End Users

Data aware: Users can combine past experiences, intuition, judgment, and qualitative inputs and data analysis to make decisions. Data literate: Users have a comfort level of working with, manipulating, analyzing, and visualizing data. Download the eBook to learn about How to Build Data Experiences for End Users.

Analytics

Polish Space Agency POLSA disconnected its network following a cyberattack

Security Affairs

MARCH 5, 2025

An analysis of the situation is ongoing. The agency revealed that it has disconnected its infrastructure to contain the attack and secure data, a circumstance that suggests it was the victim of a ransomware attack. “A cybersecurity incident has occurred at POLSA. The relevant services and institutions have been informed.

IT

IT Ransomware Cybersecurity Security

GitLab addressed critical auth bypass flaws in CE and EE

Security Affairs

MARCH 13, 2025

” reads a technical analysis of the two critical flaws. ” continues the analysis. In other words, it could be used for an account takeover attack.” ” GitLab Dedicated customers receive automatic updates, while self-managed users must apply updates manually. ” continues the advisory.

Authentication

Authentication Libraries Data breaches Security

National Vulnerability Backlog Could Surge to 30,000 by 2025

Data Breach Today

JULY 26, 2024

New Analysis Reveals Growing Crisis for the National Vulnerability Database A growing backlog at the National Institute of Standards and Technology National Vulnerability Database could surge to above 30,000 unanalyzed security flaws by the end of the year if the agency fails to significantly ramp up its processing rates, according to a new analysis (..)

Security

Security IT

Secretive White House Surveillance Program Gives Cops Access to Trillions of US Phone Records

WIRED Threat Level

NOVEMBER 20, 2023

A WIRED analysis of leaked police documents verifies that a secretive government program is allowing federal, state, and local law enforcement to access phone records of Americans who are not suspected of a crime.

Access

Access Government Privacy Security

How to Package and Price Embedded Analytics

Just by embedding analytics, application owners can charge 24% more for their product. How much value could you add? This framework explains how application enhancements can extend your product offerings. Brought to you by Logi Analytics.

Analytics

Medusa ransomware uses malicious Windows driver ABYSSWORKER to disable security tools

Security Affairs

MARCH 24, 2025

ABYSSWORKER employs functions with constant return values, using opaque predicates and derivation functions to obstruct static analysis. .” reads the report published by Elastic. The experts pointed out that only three such functions exist and are not used in predicates, the obfuscation is ineffective and easily identifiable.

Ransomware

Ransomware Security IT Access

Massive Oracle Cloud Breach: 6M Records Exposed, 140k+ Tenants Risked

eSecurity Planet

MARCH 24, 2025

Incident discovery and exploitation According to CloudSEKs analysis, the threat actor claimed to have breached the subdomain login.us2.oraclecloud.com The breach, exploiting a vulnerability in Oracles cloud infrastructure, now endangers over 140,000 tenants and has raised serious questions about cloud security practices.

Cloud

Cloud Risk Passwords Cybersecurity

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 33

Security Affairs

FEBRUARY 16, 2025

Mobile Indian Cyber Heist: FatBoyPanel And His Massive Data Breach Google Tag Manager Skimmer Steals Credit Card Info From Magento Site From South America to Southeast Asia: The Fragile Web of REF7707 Analyzing DEEP#DRIVE: North Korean Threat Actors Observed Exploiting Trusted Platforms for Targeted Attacks Chinese-Speaking Group Manipulates SEO with (..)

Security

Security Data breaches Encryption Ransomware

Cisco fixed a critical flaw in Security Email Gateway that could allow attackers to add root users

Security Affairs

JULY 19, 2024

The vulnerability arises from improper handling of email attachments when file analysis and content filters are enabled. “This vulnerability is due to improper handling of email attachments when file analysis and content filters are enabled. . ” reads the advisory published by Cisco. 055 and later.

Security

Security Passwords IT Information Security

New Study: 2018 State of Embedded Analytics Report

Why do some embedded analytics projects succeed while others fail? We surveyed 500+ application teams embedding analytics to find out which analytics features actually move the needle. Read the 6th annual State of Embedded Analytics Report to discover new best practices. Brought to you by Logi Analytics.

Analytics

Phishers abuse CrowdStrike brand targeting job seekers with cryptominer

Security Affairs

JANUARY 10, 2025

Evasion checks supported by the malicious code include detecting debuggers, verifying active processes, checking CPU core count, and scanning for malware analysis tools. The application serves as a downloader for XMRig, researchers noticed it supports evasion mechanisms. ” concludes the report.

Phishing

Phishing Mining Authentication Communications

iShutdown lightweight method allows to discover spyware infections on iPhones

Security Affairs

JANUARY 17, 2024

The analysis revealed that the infections left traces in the Shutdown.log, which is a text-based log file. ” reads the analysis published by Kaspersky. The analysis of the infections also revealed other similarities such as the path associated with malware execution (“/private/var/db/”).

Archiving

Archiving Cybersecurity IT Access

Dark Gate malware campaign uses Samba file shares

Security Affairs

JULY 14, 2024

. “Deobfuscated from test.txt and run from system memory, this final DarkGate binary is known for its complex mechanisms to avoid detection and malware analysis.” “One of the anti-analysis techniques employed by DarkGate is identifying the CPU of the targeted system. ” reads the report.

Phishing

Phishing Communications Access Cybersecurity

Malicious npm and PyPI target Solana Private keys to steal funds from victims’ wallets

Security Affairs

JANUARY 20, 2025

” reads the analysis published by Socket. They take the attack further by programmatically draining the victims wallet, automatically transferring up to 98% of its contents to an attacker-controlled Solana address 3RbBjhVRi8qYoGB5NLiKEszq2ci559so4nPqv2iNjs8Q.” ” continues the report.

Libraries

Libraries Authentication IT Access

5 Early Indicators Your Embedded Analytics Will Fail

Many application teams leave embedded analytics to languish until something—an unhappy customer, plummeting revenue, a spike in customer churn—demands change. But by then, it may be too late. In this White Paper, Logi Analytics has identified 5 tell-tale signs your project is moving from “nice to have” to “needed yesterday.".

Analytics

DuneQuixote campaign targets the Middle East with a complex backdoor

Security Affairs

APRIL 21, 2024

The threat actors behind the DuneQuixote campaign took steps to prevent collection and analysis the implants through the implementation of practical and well-designed evasion methods. ” reads the analysis published by Kaspersky.

Libraries

Libraries Communications IT Government

Expert warns of Turtle macOS ransomware

Security Affairs

DECEMBER 1, 2023

The popular cyber security researcher Patrick Wardle published a detailed analysis of the new macOS ransomware Turtle. concludes the analysis. The popular cybersecurity researcher Patrick Wardle dissected the new macOS ransomware Turtle used to target Apple devices. The binary also lacks of obfuscation.

Ransomware

Ransomware Encryption Archiving Cybersecurity

Codefinger ransomware gang uses compromised AWS keys to encrypt S3 bucket

Security Affairs

JANUARY 15, 2025

“AWS CloudTrail logs only an HMAC of the encryption key, which is insufficient for recovery or forensic analysis.” . “Threat actor dubbedCodefingeruses compromised AWS keys to encrypt S3 bucket data via SSE-C, leveraging AWSs secure encryption infrastructure in a way that prevents recovery without their generated key.”

Encryption

Encryption Ransomware Authentication Cloud

Experts found a macOS version of the sophisticated LightSpy spyware

Security Affairs

MAY 30, 2024

” reads the analysis published by ThreatFabric. Initial analysis revealed that the panel’s code had a critical mistake: it checked for authorization only after loading all scripts, briefly displaying the authenticated view to unauthorized users. However, their potential functionality is known based on panel analysis.”

Access

Access Authentication Communications IT

Monetizing Analytics Features: Why Data Visualizations Will Never Be Enough

Think your customers will pay more for data visualizations in your application? Five years ago they may have. But today, dashboards and visualizations have become table stakes. Discover which features will differentiate your application and maximize the ROI of your embedded analytics. Brought to you by Logi Analytics.

Analytics

Qilin ransomware attack on Synnovis impacted over 900,000 patients

Security Affairs

SEPTEMBER 17, 2024

Leaked data includes sensitive information, including patients’ histology tests and clinical analysis results. We are not in a position to comment on or confirm the validity or accuracy of analysis carried out by other parties, nor can we verify whether the data examined by these parties is in fact related to this incident.”

Ransomware

Ransomware IT Security Data breaches

China-linked Velvet Ant uses F5 BIG-IP malware in cyber espionage campaign

Security Affairs

JUNE 17, 2024

” reads the analysis published by Sygnia. Both F5 appliances were running an outdated, vulnerable, operating system. The threat actor may have leveraged one of the vulnerabilities to gain remote access to the appliances.” The PlugX RAT was used by multiple Chinese APT groups in cyberespionage campaigns over the years.

Access

Access Security IT Information Security

Deepfakes and the 2024 US Election

Schneier on Security

FEBRUARY 4, 2025

Interesting analysis : We analyzed every instance of AI use in elections collected by the WIRED AI Elections Project ( source for our analysis), which tracked known uses of AI for creating political content during elections taking place in 2024 worldwide. This tracks with my analysis. People share as a form of social signaling.

IT

If ChatGPT produces AI-generated code for your app, who does it really belong to?

Collaboration 2.0

DECEMBER 21, 2024

The answer is complicated, so in Part I of a two-article analysis, we consulted legal experts to obtain some definitive answers.

IT

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Without establishing Software Composition Analysis best practices and the ability to produce a Software Bill of Materials, companies are most likely leaving a gaping hole in their software supply chain for bad actors to slip in and take advantage of vulnerabilities.

Cybersecurity

ZLoader Malware adds Zeus’s anti-analysis feature

Improve safety using root cause analysis and strengthening information management

Webinars

Trending Sources

Apple addressed two actively exploited zero-day vulnerabilities

Webinars

The 2025 Information Management Tech Stack

How ZoomInfo Enhances Your Database Management Strategy

Report claims that Serbian authorities abused Cellebrite tool to install NoviSpy spyware

Threat actor leaked config files and VPN passwords for over Fortinet Fortigate devices

SpyLend Android malware found on Google Play enabled financial cyber crime and extortion

MikroTik botnet relies on DNS misconfiguration to spread malware

5 Ways You Can Win Faster with Gen AI in Sales

This iOS 18 feature shares your photos with Apple for analysis. Should you be worried?

The Mask APT is back after 10 years of silence

Apple indeed added a feature called “inactivity reboot” in iOS 18.1 that reboots locked devices

Russia-linked espionage group UNC5812 targets Ukraine’s military with malware

Drive Better Decision-Making with Data Storytelling

How ChatGPT scanned 170k lines of code in seconds, saving me hours of work

If your AI-generated code becomes faulty, who faces the most liability exposure?

Broadcom fixed information disclosure flaws in VMware Aria Operations

A large botnet targets M365 accounts with password spraying attacks

How to Build Data Experiences for End Users

Polish Space Agency POLSA disconnected its network following a cyberattack

GitLab addressed critical auth bypass flaws in CE and EE

National Vulnerability Backlog Could Surge to 30,000 by 2025

Secretive White House Surveillance Program Gives Cops Access to Trillions of US Phone Records

How to Package and Price Embedded Analytics

Medusa ransomware uses malicious Windows driver ABYSSWORKER to disable security tools

Massive Oracle Cloud Breach: 6M Records Exposed, 140k+ Tenants Risked

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 33

Cisco fixed a critical flaw in Security Email Gateway that could allow attackers to add root users

New Study: 2018 State of Embedded Analytics Report

Phishers abuse CrowdStrike brand targeting job seekers with cryptominer

iShutdown lightweight method allows to discover spyware infections on iPhones

Dark Gate malware campaign uses Samba file shares

Malicious npm and PyPI target Solana Private keys to steal funds from victims’ wallets

5 Early Indicators Your Embedded Analytics Will Fail

DuneQuixote campaign targets the Middle East with a complex backdoor

Expert warns of Turtle macOS ransomware

Codefinger ransomware gang uses compromised AWS keys to encrypt S3 bucket

Experts found a macOS version of the sophisticated LightSpy spyware

Monetizing Analytics Features: Why Data Visualizations Will Never Be Enough

Qilin ransomware attack on Synnovis impacted over 900,000 patients

China-linked Velvet Ant uses F5 BIG-IP malware in cyber espionage campaign

Deepfakes and the 2024 US Election

If ChatGPT produces AI-generated code for your app, who does it really belong to?

Software Composition Analysis: The New Armor for Your Cybersecurity

Stay Connected