October 18, 2023 at 08:15AM A new campaign called Qubitstrike has emerged, targeting exposed Jupyter Notebooks to mine cryptocurrency and breach cloud environments. The threat actor, likely from Tunisia, uses the Telegram API to steal credentials and launch the attack. The primary payload is a shell script that executes a cryptocurrency miner, establishes persistence, and … Read more
October 13, 2023 at 09:19AM SecurityWeek provides a concise compilation of noteworthy cybersecurity stories. This week’s stories include the appeal of former Uber security chief Joe Sullivan against his conviction for covering up a data breach, a bounty offered for finding the NIST elliptic curve seeds, analysis of surveillance products by NSO Group competitor Intellexa, … Read more
October 11, 2023 at 11:41AM Attackers are using a new method of certificate abuse to spread info-stealing malware, including stealing cryptocurrency from Windows systems. The campaign involves search engine optimization poisoning to deliver malicious pages promoting illegal software downloads. The malware uses special certificates with long strings of non-English characters, making them difficult to detect. … Read more
October 10, 2023 at 12:16PM North Korean APT groups have increased collaboration and coordination during the COVID-19 pandemic. The lines are blurring between individual groups, making it difficult to determine responsibility for specific threat activities. North Korean actors are diversifying attacks, sharing tools and code, and targeting the supply chain. Collaboration between defenders, governments, and … Read more