US govt wants BreachForums admin sentenced to 15 years in prison

January 18, 2024 at 11:10AM The U.S. government proposed a 15-year prison sentence for Conor Brian Fitzpatrick, the administrator of the BreachForums hacking platform. He was arrested for facilitating the trade of stolen data and using unauthorized access devices. The government also seeks penalties for possession of child pornography and restitution to victims. Fitzpatrick’s final …

Russian COLDRIVER Hackers Expand Beyond Phishing with Custom Malware

January 18, 2024 at 11:03AM COLDRIVER, a Russia-linked threat actor, has evolved its tactics to include creating and using its first custom malware in the Rust programming language. The group leverages PDF decoy documents in spear-phishing campaigns, targeting organizations in various sectors. Google TAG has observed the actor’s use of benign PDFs to deliver a …

Credentials are Still King: Leaked Credentials, Data Breaches and Dark Web Markets

January 18, 2024 at 11:03AM Infostealer malware poses a significant risk to corporate information security by stealing credentials, cookies, and other data, leading to data breaches and ransomware distribution. Leaked credentials from breaches and infostealers are a substantial threat, prompting organizations to monitor and defend against them. Flare offers a solution to detect and mitigate …

Google: Russian FSB hackers deploy new Spica backdoor malware

January 18, 2024 at 11:03AM Google’s Threat Analysis Group (TAG) has uncovered a Russian-backed hacking group, ColdRiver, spreading previously unknown backdoor malware through fake PDF decryption tools. The malware, named Spica, allows attackers to establish control over compromised devices and steal sensitive information. Google has taken action to protect users and has linked ColdRiver to …

Stealthy New macOS Backdoor Hides on Chinese Websites

January 18, 2024 at 10:51AM Researchers from Jamf Threat Labs discovered a sneaky macOS backdoor hidden in trojanized apps on Chinese websites. The malware, “.fseventsd,” can compromise victims’ machines. It evades detection by imitating legitimate processes and uses a malicious library. The campaign highlights the risk from pirated apps and the increasing macOS targeting. Protection …

Two more Citrix NetScaler bugs exploited in the wild

January 18, 2024 at 10:38AM Two vulnerabilities in Citrix’s NetScaler ADC and Gateway products, CVE-2023-6548 and CVE-2023-6549, have been patched. The first allows remote code execution with authentication and access to specific IPs, while the second can lead to a denial-of-service attack. Customers are advised to update their affected products promptly to prevent exploitation. Key …

‘Chaes’ Infostealer Code Contains Hidden Threat Hunter Love Notes

January 18, 2024 at 10:29AM The latest version of the Chaes infostealer code contains secret messages praising threat hunters for analyzing their work. Additionally, intricate ASCII art pieces are hidden within the code. The malware developers also express gratitude to security researchers, including a special shout-out message to Morphisec researcher Arnold Osipov. The code mentions …

Building AI That Respects Our Privacy

January 18, 2024 at 10:07AM The passage discusses the author’s experience with AI and the need to integrate privacy into AI technologies. The author highlights the potential benefits and risks of AI and suggests steps to protect privacy, such as individualized models, closed systems, transparency, and data removal rights. It also advises current actions to …

Software Supply Chain Security Startup Kusari Raises $8 Million 

January 18, 2024 at 10:00AM Kusari, a software supply chain security startup, has secured $8 million in pre-seed and seed funding led by J2 Ventures and Glasswing Ventures, with support from Unusual Ventures. Founded by members of OpenSSF and CNCF, Kusari aims to provide transparency in the software supply chain with its GUAC tool, reducing …

Russian APT Known for Phishing Attacks Is Also Developing Malware, Google Warns

January 18, 2024 at 09:12AM Google has warned about the Russian threat group ColdRiver known for phishing attacks and developing custom malware. Tracked as Star Blizzard, Callisto Group, and others, the group is linked to Russia’s FSB. US and UK governments have issued warnings and sanctions. Google discovered the Spica backdoor malware used for cyberespionage …