-
Monitoring malware trends with VT Intelligence
Please note that this blogpost is part of our #VTMondays series, check out our collection of past publications here. VT Intelligence can be a powerful tool for monitoring malware trends, enhancing your detection capabilities and enabling proactive defense against evolving threats. To leverage it effectively, analysts can refine searches with threat indicators relevant to their…
-
Hunting for malicious domains with VT Intelligence
Please note that this blogpost is part of our #VTMondays series, check out our collection of past publications here. Many cyberattacks begin by victims visiting compromised websites that host malware or phishing scams, threat actors use domains for different malicious purposes as part of their infrastructure, and malware communicates with external sites for command and…
-
Sigma rules for Linux and MacOS
TLDR: VT Crowdsourced Sigma rules will now also match suspicious activity for macOS and Linux binaries, in addition to Windows. We recently discussed how to maximize the value of Sigma rules by easily converting them to YARA Livehunts. Unfortunately, at that time Sigma rules were only matched against Windows binaries. Since then, our engineering team…
-
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-3393 Palo Alto Networks PAN-OS Malformed DNS Packet Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk…
-
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2021-44207 Acclaim Systems USAHERDS Use of Hard-Coded Credentials Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of…
-
Fortinet Releases Security Updates for FortiManager
Fortinet released a security update to address a vulnerability in FortiManager. A remote cyber threat actor could exploit this vulnerability to take control of an affected system. Users and administrators are encouraged to review the following Fortinet Security Bulletin and apply the necessary updates: FG-IR-24-425 Go to Source
-
From Naturalization to Cyber Advocacy: CISA Region 3’s Chris Ramos Inspires New U.S. Citizens
In a poignant and impactful moment at a recent USCIS naturalization ceremony, CISA Region 3’s Cybersecurity Coordinator, Chris Ramos, shared heartfelt words and critical cybersecurity guidance with nearly one hundred newly sworn American citizens. Go to Source