RansomHub-linked EDR-killing malware spotted in the wild

August 18, 2024 at 09:57PM A new malware called EDRKillShifter has been identified by Sophos, using legitimate but vulnerable drivers to deliver ransomware to targets and disrupt endpoint detection and response software. Additionally, a critical vulnerability has been reported in SolarWinds Web Help Desk, while NetSuite SuiteCommerce and SiteBuilder sites are found to be exploitable. …

Microsoft Warns of Six Windows Zero-Days Being Actively Exploited

August 13, 2024 at 03:57PM Summary: The text outlines various cybersecurity topics and events offered by SecurityWeek, including webcasts, virtual events, and the ICS Cybersecurity Conference. It also covers a wide range of topics such as malware, cybercrime, data breaches, ransomware, and security operations, along with discussions on risk management and CISO strategy. Based on …

North Korean Hackers Moonstone Sleet Push Malicious JS Packages to npm Registry

August 6, 2024 at 08:06AM North Korean threat actor Moonstone Sleet is distributing malicious npm packages to infect Windows systems. Security researchers are tracking the threat actor, which is linked to a newly discovered North Korean malicious activity cluster. The actor’s attack chains involve bogus ZIP archives and fake technical skills assessments to deliver malicious …

Chinese Hackers Deliver Malware via ISP-Level DNS Poisoning

August 5, 2024 at 09:42AM Summary: The text describes SecurityWeek’s various cybersecurity topics, including malware, cyberwarfare, data breaches, ransomware, and more. It also mentions ICS cybersecurity, webcasts, virtual events, funding, and M&A. The company offers content on a wide range of cybersecurity areas, making it a comprehensive resource for industry professionals. It seems like the …

Massive OTP-Stealing Android Malware Campaign Discovered 

July 31, 2024 at 01:09PM The text outlines SecurityWeek’s focus areas, including cybersecurity news, webcasts, virtual events, and specific topics such as malware, cyberwarfare, data breaches, and various security technologies. It also highlights segments such as CISO strategy, supply chain security, and industrial cybersecurity, along with information on conferences, funding, and mergers and acquisitions. It …

Selenium Grid Instances Exploited for Cryptomining

July 29, 2024 at 05:56AM Summary: SecurityWeek Network offers cybersecurity news, webcasts, virtual events, and a wide range of topics including malware, cyberwarfare, data breaches, ransomware, threat intelligence, and more with a focus on ICS cybersecurity, CISO strategy, industrial cybersecurity, and cybersecurity funding and M&A. It appears that the meeting notes contain a list of …

North Korean Hackers Shift from Cyber Espionage to Ransomware Attacks

July 25, 2024 at 11:03AM North Korea-linked threat actor APT45 is expanding into financially-motivated attacks using ransomware, marking a shift from traditional cyber espionage. It is associated with deploying ransomware families SHATTEREDGLASS and Maui, targeting entities in South Korea, Japan, and the U.S. The group is also linked to malware such as Dtrack and has …

Mandiant Shines Spotlight on APT45 Behind North Korea’s Digital Military Machine

July 25, 2024 at 07:09AM SecurityWeek Network provides cybersecurity news, webcasts, and virtual events. Their offerings cover a wide range of topics including malware, cyberwarfare, data breaches, ransomware, and security operations. They also focus on areas such as risk management, privacy compliance, and CISO strategy, with specific emphasis on industrial cybersecurity and related financial activities. …

Fake CrowdStrike fixes target companies with malware, data wipers

July 21, 2024 at 07:35PM Threat actors are exploiting the CrowdStrike glitch by targeting companies with data wipers and remote access tools. CrowdStrike is actively assisting affected customers and warns about phishing attempts. Malware campaigns impersonate CrowdStrike to distribute RATs and wipers. The faulty update affected 8.5 million Windows devices, leading to widespread disruption. CrowdStrike …

North Korean Hackers Update BeaverTail Malware to Target MacOS Users

July 17, 2024 at 12:43PM Researchers have found a new variant of a stealer malware linked to North Korea, this time targeting job seekers with a malicious Apple macOS disk image file named “MiroTalk.dmg.” This malware, known as BeaverTail, can steal sensitive data from web browsers, crypto wallets, and iCloud Keychain. Additionally, a new malicious …