securityXspace: a blog about cyber-philosophy.
-
FireEye: Finding Evil in Windows 10 Compressed Memory
FireEye publishes the first part of a series about analysing Windows 10 to uncover the inner workings of malware families using tools like Volatility and Rekall. Source: Finding Evil in Windows 10 Compressed Memory, Part One: Volatility and Rekall Tools
-
Microsoft: New machine learning model sifts through the good to unearth the bad in evasive malware
Microsoft Security provides detail about the latest models deployed in Microsoft Defender ATP’s Antivirus. Source: New machine learning model sifts through the good to unearth the bad in evasive malware
-
Trump Oblivious to Trolling with Fake Presidential Logo
I don’t know whether to laugh at the incompetence of Donald Trump or cry for the fate of the United States. This man clearly cannot spot when the wool is pulled over his eyes or when someone is openly taunting him. God bless America!
-
Software Developers and Security
From Bruce Schneier’s blog: According to a survey: “68% of the security professionals surveyed believe it’s a programmer’s job to write secure code, but they also think less than half of developers can spot security holes.” And that’s a problem. Nearly half of security pros surveyed, 49%, said they struggle to get developers to make remediation…
-
Popular Malware Families Using ‘Process Doppelgänging’ to Evade Detection
The fileless code injection technique called Process Doppelgänging is actively being used by not just one or two but a large number of malware families in the wild, a new report shared with The Hacker News revealed. Source: Popular Malware Families Using ‘Process Doppelgänging’ to Evade Detection
-
ThreatList: Human Error is Behind One Quarter of Data Breaches
Meanwhile, remediation times are ballooning to a year or more in the case of malicious attacks, according to Ponemon Institute. Source: ThreatList: Human Error is Behind One Quarter of Data Breaches
-
New Android Spyware Created by Russian Defense Contractor Found in the Wild
Cybersecurity researchers have uncovered a new piece of mobile surveillance malware, believed to be developed by a Russian defence contractor that has been sanctioned for interfering with the 2016 U.S. presidential election, called Monokle. Source: New Android Spyware Created by Russian Defense Contractor Found in the Wild
-
APT34 spread malware via LinkedIn invites
Cyber-espionage group members are using fake LinkedIn profiles to gain their victim’s trust to open malicious documents. Source: APT34 spread malware via LinkedIn invites
-
Siemens Contractor Pleads Guilty to Planting ‘Logic Bomb’ in Spreadsheets
A former Siemens contractor pleaded guilty in federal court Friday to secretly planting code in automated spreadsheets he had created for the company over a decade ago that deliberately crashes the program every few years. Source: Siemens Contractor Pleads Guilty to Planting ‘Logic Bomb’ in Spreadsheets
-
Apple Patches 22 Vulnerabilities in WebKit
Apple this week released a new set of patches to address various security flaws across its product portfolio, including 22 bugs impacting WebKit. Source: Apple Patches 22 Vulnerabilities in WebKit