Malicious .NET files conceal RATs in bitmap images

Laura FrenchMay 9, 2025

A recent malspam campaign revealed a payload nested within two .NET assemblies.

RESOURCES

Security Strategy, Plan, Budget
Cyber resilience is the strategy: Why business and security must align now
Critical Infrastructure Security
Mission-ready modernization: Building resilient government systems with AI and data
Leadership
CyberSG TIG Collaboration Centre RSAC 2025 interview: Benjamin C.K. Tee of National University of Singapore
AI benefits/risks
CyberSG TIG Collaboration Centre RSAC 2025 interview: Eng Choon Goh of ST Engineering
AI benefits/risks
CyberSG TIG Collaboration Centre RSAC 2025 interview: Dr. Edwin Lee of Cybernatics

PODCASTS

Vulnerability Management
Sudo watch, AI Dreams, Kickidler, Powershool, Old Man Router, PSMU, Aaran Leyland… – SWN #475
IoT
Are You Down With RDP? – PSW #873
Leadership
C-Suite Gaps, Cybersecurity is not Working to Solve Exposures and Supply Chain Risks – Lenny Zeltser, Dr. Aleksandr Yampolskiy – BSW #394
Threat Intelligence
Deepfake Porn Bots, Skype, dd, Venom Spider, CISA, IT Helpdesk, Rob Allen… – Rob Allen – SWN #474
Application security
AI Era, New Risks: How Data-Centric Security Reduces Emerging AppSec Threats – Idan Plotnik, Vishal Gupta – ASW #329

FEATURED

Perspectives Spotlight: Expert Insights

Perspectives Spotlight: Expert Insights

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

Perspectives

In Brief

More Resources

Laptop showing the national flag of Russia and a warning sign of malware. Illustration of the concept of cyber threats, DDOS and hacking activities related to Russia

Threat Intelligence

Google warns of Russian hackers ColdRiver wielding new malware tools

Shaun NicholsMay 9, 2025

The ColdRiver group has been spotted using a previously unknown piece of malware designated as “LostKeys.”

Vulnerability Management

SAP NetWeaver bug exploited since January, allows RCE

Steve ZurierMay 9, 2025

Remote code execution possible of SAP NetWeaver Visual Composer flaw rated 10.0.

Network Security

Attacks surge against antiquated routers, FBI warns

Shaun NicholsMay 8, 2025

Increase in attacks using malware known as “TheMoon" seen, says FBI.

Vulnerability Management

Cisco patches maximum severity vulnerability in IOS XE Software

Laura FrenchMay 8, 2025

A hard-coded JSON Web Token could allow a remote attacker to upload files with root privileges.

Hard disk file locked with monitor show ransomware cyber attack internet security breaches. Malware lock file concept for security article i.e. WannaCry or WannaCrypt attack all over the world

Double-extortion tactics used in PowerSchool ransomware attack

Steve ZurierMay 8, 2025

Cloud provider paid a ransom. Its school district customers are now being extorted.

Data Hacked North Korea flag. North Korea flag with binary code.

North Korean hackers show telltale signs, researchers say

Shaun NicholsMay 8, 2025

North Korean groups give away their intentions with common blunders and activity patterns.

Most cyber insurance claims stem from BEC, fraud, report says

Laura FrenchMay 7, 2025

The Coalition 2025 Cyber Claims Report revealed an increase in severity of BEC losses in 2024.

Oil refinery plant from industry zone, Aerial view oil and gas industrial, Refinery factory oil storage tank and pipeline steel at night.

Critical Infrastructure Security

US warns oil and gas sectors of ‘unsophisticated’ cyberattacks

Steve ZurierMay 7, 2025

Advisory points to poor cyber hygiene in these sectors and acceleration of attacks via AI.

EVENTS