Recent Security News
-
Void Rabisu Targets Female Political Leaders with New Slimmed-Down ROMCOM Variant
October 13, 2023 at 03:59AM Void Rabisu, a threat actor associated with financially motivated ransomware attacks, has shifted its focus to targeted campaigns on Ukraine and countries supporting Ukraine. They have developed a new variant called ROMCOM, which they used in campaigns targeting EU military personnel and political leaders working on gender equality initiatives. The…
-
DarkGate Opens Organizations for Attack via Skype, Teams
October 13, 2023 at 03:24AM The DarkGate malware is being distributed through messaging platforms like Skype and Teams. Once installed, additional malicious payloads are introduced. The campaign has been most active in the Americas, followed by Asia, the Middle East, and Africa. DarkGate is a commodity loader that executes various actions, including remote access, cryptocurrency…
-
Squid games: 35 security holes still unpatched in proxy after 2 years, now public
October 12, 2023 at 08:26PM 35 vulnerabilities in the Squid caching proxy remain unfixed after more than two years, according to the person who reported them. The researcher found 55 flaws in Squid’s source code, but only 20 have been fixed. The remaining vulnerabilities do not have patches or workarounds, and some have not been…
-
FBI shares AvosLocker ransomware technical details, defense tips
October 12, 2023 at 07:46PM The US government has updated the list of tools used by AvosLocker ransomware affiliates in attacks to include open-source utilities and custom PowerShell and batch scripts. The FBI and CISA have shared a YARA rule for detecting malware disguised as a legitimate network monitoring tool. AvosLocker affiliates use legitimate software…
-
Making the Case for Cryptographic Agility and Orchestration
October 12, 2023 at 06:39PM In summary, the text highlights the quantum threat to cybersecurity and the need for post-quantum cryptography (PQC) to protect against it. It discusses the importance of cryptographic agility and orchestration in managing and adapting to changing cryptographic algorithms. The text also emphasizes the ongoing PQC standardization process and the need…