BeaverTail Malware Resurfaces in Malicious npm Packages Targeting Developers

October 28, 2024 at 11:36AM
In September 2024, three malicious npm packages were discovered containing BeaverTail malware, linked to North Korean campaigns targeting developers. The packages, now removed, included backdoored versions of popular libraries. Ongoing threats exploit the open-source ecosystem, highlighting developers as valuable targets in cyberattacks. ### Meeting Takeaways: Malware / Threat Intelligence – …

Cybercriminals Use Webflow to Deceive Users into Sharing Sensitive Login Credentials

October 28, 2024 at 07:26AM
Cybersecurity researchers warn of a rise in phishing attacks utilizing Webflow, targeting sensitive crypto wallet information and webmail credentials. Over 120 organizations, primarily in North America and Asia, are affected. Attackers exploit legitimate services to create deceptive phishing pages, increasing their success in stealing user credentials. ### Meeting Takeaways 1. …

Black Basta ransomware poses as IT support on Microsoft Teams to breach networks

October 25, 2024 at 05:12PM
Black Basta ransomware has shifted its social engineering tactics to Microsoft Teams, impersonating IT help desks to exploit employees. After inundating inboxes with emails, attackers contact users directly via Teams. Their goal is to trick employees into installing remote access tools, risking corporate networks. Organizations are advised to restrict external …

New Qilin ransomware encryptor features stronger encryption, evasion

October 24, 2024 at 11:22AM
The new Qilin.B ransomware, identified by Halcyon, features advanced encryption techniques and evasion strategies, targeting critical systems and processes to obstruct data recovery. It utilizes AES-256-CTR, ChaCha20, and RSA-4096 for robust encryption. The malware poses significant threats to networks, building on previous high-profile attacks. ### Meeting Takeaways: 1. **Introduction of …

Bumblebee Malware Loader Resurfaces Following Law Enforcement Takedown

October 22, 2024 at 06:22AM
The Bumblebee malware loader may be reemerging after a law enforcement operation in May 2024. This malicious campaign highlights the potential revival of this threat. The information is reported by SecurityWeek. **Meeting Takeaways:** 1. **Resurgence of Bumblebee Malware Loader**: There is a new malicious campaign indicating that the Bumblebee malware …

Bumblebee and Latrodectus Malware Return with Sophisticated Phishing Strategies

October 22, 2024 at 06:18AM
Two malware families, Bumblebee and Latrodectus, have resurfaced in new phishing campaigns following a law enforcement operation called Endgame. Both are malware loaders aimed at stealing personal data. The campaigns utilize malicious email attachments and links to deploy these threats, targeting sectors like finance, automotive, and business. ### Meeting Takeaways …

New Linux Variant of FASTCash Malware Targets Payment Switches in ATM Heists

October 15, 2024 at 11:54AM
North Korean hackers are using a Linux variant of FASTCash malware to steal funds via compromised payment switches, facilitating unauthorized ATM withdrawals. The malware intercepts transaction messages to approve fraudulent transactions of 12,000 to 30,000 Lira. This highlights vulnerabilities in Linux server detection capabilities. **Meeting Takeaways: Financial Fraud / Linux …

AI code helpers just can’t stop inventing package names

September 30, 2024 at 12:04AM
Two recent studies highlight the issue of AI models generating fictitious software package names, raising concerns about the potential security risks. Researchers found that LLMs, including commercial and open-source models, exhibited significant rates of hallucinated package names, posing a threat to code quality and reliability. The studies emphasize the need …

How to Plan and Prepare for Penetration Testing

September 27, 2024 at 07:30AM
Advances in security technology are matched by adversaries adopting new techniques to increase speed and impact while evading detection. Ransomware and malware remain prominent tools for cybercriminals, and hands-on intrusion techniques also pose a threat. To manage these risks, security practitioners seek penetration testing services, which involve detailed planning and preparation. …

Cisco Patches High-Severity Vulnerabilities in IOS Software

September 26, 2024 at 09:19AM
SecurityWeek Network offers cybersecurity news, webcasts, and virtual events. It covers various topics such as malware, cyberwarfare, data breaches, ransomware, and more. It also provides information on security operations, threat intelligence, incident response, and risk management. Additionally, it features sections on CISO strategy, industrial cybersecurity, funding, and M&A in cybersecurity. …