@WithSecure

Cyber security from Europe. Trusted by the world. Formerly F-Secure Business.

NEWS: Notorious cyber crime group FIN7 is attacking companies using unpatched versions of Veeam’s Backup & Replication software.

The full research, including IOCs, timeline of events, and new tools used by FIN7, is available here>> https://labs.withsecure.com/publications/fin7-target-veeam-servers

#CyberAttack

FIN7 conducts attacks against Veeam backup servers

WithSecure Intelligence identified attacks which occurred in late March 2023 against internet-facing servers running Veeam Backup & Replication software. Our research indicates with high confidence that the intrusion set used in these attacks is consistent with activities attributed to the FIN7 activity group. It is likely that initial access & execution was achieved through a recently patched Veeam Backup & Replication vulnerability, CVE-2023-27532.

"We’ve been developing machine learning-based cybersecurity systems for many years and began developing automation for analysis in our labs in 2005.... Since then, we’ve been waiting for our enemies to make the same move, and after 18 years, the wait is over – malware with artificial intelligence has arrived."

Read "Malware and machine learning: A match made in hell" -by Mikko Hypponen in Help Net Security>> https://www.helpnetsecurity.com/2023/04/03/machine-learning-malware/

#cybersecurity #artificialintelligence #gpt4 #malware

Malware and machine learning: A match made in hell - Help Net Security

Detecting malicious behavior using machine learning is the best bet against malware that uses LLMs. This is best done with security products.

While the campaigns were previously unreported, our DeepGuard technology is preventing these attacks.

However, previous research into OneNote attachments found many endpoint protection solutions parse these attachments incorrectly, making them effective tools for attackers.

More about #Microsoft OneNote abuse, including practical advice for preventing and detecting these attacks, is available here -> https://www.withsecure.com/en/expertise/blog-posts/take-note-microsoft-onenote-abuse-and-how-to-tackle-it

And you can dig in deep here>> https://labs.withsecure.com/publications/detecting-onenote-abuse

Take Note – Microsoft OneNote abuse and how to tackle it

WithSecure has recently seen a spike in the use of OneNote attachments in phishing emails to infect victims with malware. Here's what you can do to tackle the problem.

NEW: WithSecure researchers are tracking a new spam campaign using malicious #OneNote files to trick users into downloading #malware.

The campaign has mostly hit organizations in France. Companies in the US, the UK & many European countries have also been affected.

The campaign’s emails look like short, generic replies to conversations.

Worried about malicious OneNote attachments?

No need if you follow this advice, courtesy of Jojo O’Gorman and Riccardo Ancarani>> https://www.withsecure.com/en/expertise/blog-posts/take-note-microsoft-onenote-abuse-and-how-to-tackle-it

We can't wait. #Disobey2023

NEWS: @r0zetta discovers scam that uses thousands of YouTube videos to trick investors into participating in fraudulent USDT (also known as Tether) cryptocurrency schemes>> https://labs.withsecure.com/publications/usdt-crypto-scams

Analysis of YouTube USDT crypto scams

WithSecure™ Intelligence has discovered thousands of videos advertising fraudulent web-based apps that pose as USDT (Tether) investment schemes. These videos, hosted on YouTube, promise returns that scale on the amount of currency invested. YouTube channels with significant numbers of subscribers and view counts post new videos of this type on a daily basis. Some of the participating channels are even YouTube verified accounts.

[10:03 AM] Sattler, Jason
New data from WithSecure Intelligence on the ransomware campaign targeting servers around the globe:

NEWS: North Korean attackers out themselves with an #OPSEC fail

WithSecure researchers link intelligence-gathering campaign targeting medical research and energy organizations back to North Korea’s Lazarus Group>> https://labs.withsecure.com/publications/no-pineapple-dprk-targeting-of-medical-research-and-technology-sector

No Pineapple! – DPRK Targeting of Medical Research and Technology Sector

During Q4 2022, WithSecure™ detected and responded to a cyber attack conducted by a threat actor that WithSecure™ has attributed with high confidence to an intrusion set referred to as Lazarus Group. Attribution with high confidence was based on overlapping techniques, tactics and procedures as well as an operational security mistake by the threat actor. Amongst technical indications, the incident observed by WithSecure™ also contains characteristics of recent campaigns attributed to Lazarus Group by other researchers.

It’s chilly. It’s dark. It’s Finland.

Step on up and work in the happiest country in the world.

Yes, we are hiring>> https://www.withsecure.com/us-en/about-us/careers-at-withsecure/open-jobs

Open Jobs in Cyber Security at WithSecure™

We're hiring! See open cyber security jobs and internships with WithSecure™ in IT, Marketing, Sales, Business Service, Customer Services and more.