What's New

Catch-IT: Update Google Chrome Now – Serious Security Flaw Identified

Google has rushed to patch a zero-day vulnerability in Chrome that was exploited by a commercial spyware vendor. If you haven't done so already, we encourage you to update your Chrome browser ASAP. CVE-2023-5217 exists in the wild and this flaw could have allow criminals to sneakily install spyware [...]

By Sue Juter|2023-09-28T11:03:54-05:00September 28th, 2023|Categories: Catch IT, News|Tags: BMT, Catch-IT, Legal, Professional Services, Security, tech interest, technology|

China’s BlackTech Hacking Group Exploited Routers to Target U.S. and Japanese Companies

Cybersecurity agencies from Japan and the U.S. have warned of attacks mounted by a state-backed hacking group from China to stealthily tamper with branch routers and use them as jumping-off points to access the networks of various companies in the two countries. The attacks have been tied to a [...]

By Sue Juter|2023-09-28T12:28:26-05:00September 28th, 2023|Categories: BMT Announcement|

The Dark Side of Browser Isolation – and the Next Generation Browser Security Technologies

The landscape of browser security has undergone significant changes over the past decade. While Browser Isolation was once considered the gold standard for protecting against browser exploits and malware downloads, it has become increasingly inadequate and insecure in today's SaaS-centric world. The limitations of Browser Isolation, such as degraded [...]

By Sue Juter|2023-09-28T12:23:50-05:00September 28th, 2023|Categories: BMT Announcement|

Red Cross-Themed Phishing Attacks Distributing DangerAds and AtlasAgent Backdoors

A new threat actor known as AtlasCross has been observed leveraging Red Cross-themed phishing lures to deliver two previously undocumented backdoors named DangerAds and AtlasAgent. NSFOCUS Security Labs described the adversary as having a "high technical level and cautious attack attitude," adding that "the phishing attack activity captured this [...]

By Sue Juter|2023-09-27T12:30:45-05:00September 27th, 2023|Categories: BMT Announcement|

Researchers Uncover New GPU Side-Channel Vulnerability Leaking Sensitive Data

A novel side-channel attack called GPU.zip renders virtually all modern graphics processing units (GPU) vulnerable to information leakage. "This channel exploits an optimization that is data dependent, software transparent, and present in nearly all modern GPUs: graphical data compression," a group of academics from the University of Texas at [...]

By Sue Juter|2023-09-27T12:28:07-05:00September 27th, 2023|Categories: BMT Announcement|Tags: CyberSecurity|

ShadowSyndicate: A New Cybercrime Group Linked to 7 Ransomware Families

Cybersecurity experts have shed light on a new cybercrime group known as ShadowSyndicate (formerly Infra Storm) that may have leveraged as many as seven different ransomware families over the past year. "ShadowSyndicate is a threat actor that works with various ransomware groups and affiliates of ransomware programs," Group-IB and [...]

By Sue Juter|2023-09-27T12:29:02-05:00September 26th, 2023|Categories: BMT Announcement|

Essential Guide to Cybersecurity Compliance

SOC 2, ISO, HIPAA, Cyber Essentials – all the security frameworks and certifications today are an acronym soup that can make even a compliance expert's head spin. If you're embarking on your compliance journey, read on to discover the differences between standards, which is best for your business, and [...]

By Sue Juter|2023-09-27T08:23:45-05:00September 26th, 2023|Categories: BMT Announcement|

Deadglyph: New Advanced Backdoor with Distinctive Malware Tactics

Cybersecurity researchers have discovered a previously undocumented advanced backdoor dubbed Deadglyph employed by a threat actor known as Stealth Falcon as part of a cyber espionage campaign. "Deadglyph's architecture is unusual as it consists of cooperating components – one a native x64 binary, the other a .NET assembly," ESET [...]

By Sue Juter|2023-09-25T08:25:51-05:00September 23rd, 2023|Categories: BMT Announcement|

New Apple Zero-Days Exploited to Target Egyptian ex-MP with Predator Spyware

The three zero-day flaws addressed by Apple on September 21, 2023, were leveraged as part of an iPhone exploit chain in an attempt to deliver a spyware strain called Predator targeting former Egyptian member of parliament Ahmed Eltantawy between May and September 2023. "The targeting took place after Eltantawy [...]

By Sue Juter|2023-09-25T08:29:35-05:00September 23rd, 2023|Categories: BMT Announcement|

Researchers Raise Red Flag on P2PInfect Malware with 600x Activity Surge

The peer-to-peer (P2) worm known as P2PInfect has witnessed a surge in activity since late August 2023, witnessing a 600x jump between September 12 and 19, 2023. "This increase in P2PInfect traffic has coincided with a growing number of variants seen in the wild, suggesting that the malware's developers [...]

By Sue Juter|2023-09-21T13:01:15-05:00September 21st, 2023|Categories: BMT Announcement|

The Rise of the Malicious App

Security teams are familiar with threats emanating from third-party applications that employees add to improve their productivity. These apps are inherently designed to deliver functionality to users by connecting to a "hub" app, such as Salesforce, Google Workspace, or Microsoft 365. Security concerns center on the permission scopes that [...]

By Sue Juter|2023-09-21T12:58:07-05:00September 21st, 2023|Categories: BMT Announcement|

Finnish Authorities Dismantle Notorious PIILOPUOTI Dark Web Drug Marketplace

Finnish law enforcement authorities have announced the takedown of PIILOPUOTI, a dark web marketplace that specialized in illegal narcotics trade since May 2022. "The site operated as a hidden service in the encrypted TOR network," the Finnish Customs (aka Tulli) said in a brief announcement on Tuesday. "The site [...]

By Sue Juter|2023-09-20T13:26:38-05:00September 20th, 2023|Categories: BMT Announcement|

What’s New

Contact Us

Services

About BMT