BMT Announcement

Harnessing the Power of CTEM for Cloud Security

Cloud solutions are more mainstream – and therefore more exposed – than ever before. In 2023 alone, a staggering 82% of data breaches were against public, private, or hybrid cloud environments. What's more, nearly 40% of breaches spanned multiple cloud environments. The average cost of a cloud breach was [...]

By |2024-04-03T08:30:51-05:00April 2nd, 2024|Categories: BMT Announcement|

Detecting Windows-based Malware Through Better Visibility

Despite a plethora of available security solutions, more and more organizations fall victim to Ransomware and other threats. These continued threats aren't just an inconvenience that hurt businesses and end users - they damage the economy, endanger lives, destroy businesses and put national security at risk. But if that [...]

By |2024-04-01T12:17:30-05:00April 1st, 2024|Categories: BMT Announcement|

Russia Hackers Using TinyTurla-NG to Breach European NGO’s Systems

The Russia-linked threat actor known as Turla infected several systems belonging to an unnamed European non-governmental organization (NGO) in order to deploy a backdoor called TinyTurla-NG. "The attackers compromised the first system, established persistence and added exclusions to antivirus products running on these endpoints as part of their preliminary [...]

By |2024-03-21T13:37:02-05:00March 21st, 2024|Categories: BMT Announcement|

Over 800 npm Packages Found with Discrepancies, 18 Exploitable to ‘Manifest Confusion’

New research has discovered over 800 packages in the npm registry which have discrepancies from their registry entries, out of which 18 have been found to exploit a technique called manifest confusion. The findings come from cybersecurity firm JFrog, which said the issue could be exploited by threat actors [...]

By |2024-03-21T13:35:33-05:00March 21st, 2024|Categories: BMT Announcement|

Fortra Patches Critical RCE Vulnerability in FileCatalyst Transfer Tool

Fortra has released details of a now-patched critical security flaw impacting its FileCatalyst file transfer solution that could allow unauthenticated attackers to gain remote code execution on susceptible servers. Tracked as CVE-2024-25153, the shortcoming carries a CVSS score of 9.8 out of a maximum of 10. "A directory traversal [...]

By |2024-03-19T11:11:51-05:00March 18th, 2024|Categories: BMT Announcement|

Hackers Using Sneaky HTML Smuggling to Deliver Malware via Fake Google Sites

Cybersecurity researchers have discovered a new malware campaign that leverages bogus Google Sites pages and HTML smuggling to distribute a commercial malware called AZORult in order to facilitate information theft. "It uses an unorthodox HTML smuggling technique where the malicious payload is embedded in a separate JSON file hosted [...]

By |2024-03-19T11:09:41-05:00March 18th, 2024|Categories: BMT Announcement|

Hackers Using Cracked Software on GitHub to Spread RisePro Info Stealer

Cybersecurity researchers have found a number of GitHub repositories offering cracked software that are used to deliver an information stealer called RisePro. The campaign, codenamed gitgub, includes 17 repositories associated with 11 different accounts, according to G DATA. The repositories in question have since been taken down by the [...]

By |2024-03-18T11:13:14-05:00March 16th, 2024|Categories: BMT Announcement|
Go to Top