Recent Security News
-
Kimsuky Hackers Deploying AppleSeed, Meterpreter, and TinyNuke in Latest Attacks
December 29, 2023 at 04:36AM North Korean state actors are using spear-phishing attacks to distribute various malware and backdoors to infiltrate compromised systems. An advanced persistent threat group known as Kimsuky is responsible for the malicious activity, with a focus on targeting entities in South Korea and expanding globally. The group has been sanctioned by…
-
CEO arranged his own cybersecurity, with predictable results
December 29, 2023 at 03:05AM In The Register’s On Call column, a consultant/client liaison for a security services provider shares a challenging experience with a banking client. After a state actor breach, the client’s panic purchase of defensive tools led to friction over pricing. Eventually, the CEO’s unannounced cybersecurity test caused further strain, requiring months…
-
Microsoft Disables MSIX App Installer Protocol Widely Used in Malware Attacks
December 29, 2023 at 01:06AM Microsoft has disabled the ms-appinstaller protocol handler by default due to abuse by threat actors distributing malware. Malicious MSIX application packages are used to deliver ransomware via Microsoft Teams or fake advertisements. Multiple financially motivated hacking groups have exploited the App Installer service. This is not the first time Microsoft…
-
Game mod on Steam breached to push password-stealing malware
December 28, 2023 at 04:20PM The popular Slay the Spire fan expansion, Downfall, was breached on Christmas Day, distributing the Epsilon information stealer malware via the Steam update system. The compromised package was a prepackaged standalone modified version of the game and not a mod installed via Steam Workshop. The attackers gained control of the…
-
Eagers Automotive halts trading in response to cyberattack
December 28, 2023 at 04:20PM Eagers Automotive, the largest car dealership operator in Australia and New Zealand, suffered a cyberattack, resulting in halting stock trading. With over 300 selling points for various brands and subsidiaries, the incident impacted its systems. While external experts are investigating, concern remains about potential customer data exposure. Other recent cyberattacks…