Security practitioners may know about common command-and-control (C2) frameworks, such as Cobalt Strike and Sliver, but fewer have likely heard of the so-called Chinese sibling framework “Manjusaka” (described by Talos in an excellent writeup). Like other C2 frameworks, we studied the Manjusaka implant/server network communications in our lab environment, and here we document some of the detection methods available. We have also open-sourced the content we describe.

The ability of a cybercriminal to place themselves between you and the connection point poses the biggest security vulnerability to public WiFi. You unknowingly communicate with the cybercriminal, who then collects and passes your information to the hotspot, rather than you connecting to the hotspot directly. While there are ways to stay protected on public WiFi, it is still advisable to avoid using it.

Vitrea View is a tool that uses the DICOM standard to view medical images. If exploited an attacker could access patient information and obtain additional access to various services associated with Vitrea View..

Trustwave announced today that it has attained Gold competency in security in the Microsoft Partner Network, a mark reached by only 1% of all Microsoft partners. This certification, awarded upon rigorous review of technical certifications and innovative solutions, represents Microsoft’s highest level of partner recognition for aligning technical expertise to customer needs.

With a threat landscape expanding at an accelerated pace, it is next to impossible for any organization to even keep track of and monitor the volume, frequency, complexity, and breadth of the attack techniques and tactics out there. But to effectively tackle threats and protect mission-critical assets, the knowledge of these common attack techniques, tactics, detection, and mitigation is critical. This is where MITRE ATT&CK is especially useful.

The spotlight on cyber risk quantification (CRQ) has raised its status to the top of the hypercycle, but with fame comes scrutiny and criticism. Security analysts and practitioners debate the validity of each model framework, along with the data used when modeling cyber risk. Despite this debate, there is a unifying consensus that knowing the possible range of the financial impact of a cyber event is far more optimal than flying blind.

Over the past few months, a new info stealer has emerged. Erbium Stealer is developed by an underground Russian-based group that has been operating since July. The group seems to work very professionally, creating proper documentation and keeping their clients in the loop regarding new features on an almost weekly basis, via their Telegram channel.

A 40-year-old man could face up to 10 years in prison, after admitting in a US District Court to sabotaging his former employer’s computer systems. Casey K Umetsu, of Honolulu, Hawaii, has pleaded guilty to charges that he deliberately misdirected a financial company’s email traffic and prevented customers from reaching its website in a failed attempt to convince the firm to rehire him at a greater salary.