Newly Discovered ‘Tomiris’ Backdoor Linked to SolarWinds Attack Malware

  Kaspersky security researchers have unearthed a new backdoor likely designed by the Nobelium advanced persistent threat (APT) behind last year’s SolarWinds supply chain attack.  The new malware, dubbed Tomiris, was first identified in June 2021 from samples dating back to February, a month before the “sophisticated second stage backdoor” Sunshuttle was spotted by FireEye […]

Continue Reading

SonicWall Patches Critical Flaw in SMA 100 Products

  SonicWall has released a security advisory to warn users regarding a critical flaw impacting some of its Secure Mobile Access (SMA) 100 appliances. The vulnerability spotted as CVE-2021-20034 could potentially allow a remote unauthenticated hacker to delete arbitrary files from the targeted appliance and secure administrator access to the device. “The vulnerability is due […]

Continue Reading

Malware Creators Use Malformed Certificates To Trick Windows Validation

  Google researchers have identified malware developers generating malformed code signatures that appear to be valid in Windows to bypass security software. This technique is actively used to spread OpenSUpdater, a family of unwanted software known as riskware, which plants advertisements into targets’ browsers and installs other redundant programs on their machines. Researchers believe the […]

Continue Reading

Employees in Retail Industry Most Frequently Targeted by Malicious Emails, New Study Reveals

  A new study from security firm Tessian highlights the sophisticated techniques employed by threat actors to evade detection and trick employees. Between July 2020-July 2021, two million malicious emails bypassed traditional email defenses, like secure email gateways, placing many employers at risk of data breach and cyber fraud.  According to the study, retail industry […]

Continue Reading