CoralRaider Malware Campaign Exploits CDN Cache to Spread Info-Stealers

A new ongoing malware campaign has been observed distributing three different stealers, CryptBot, LummaC2, and Rhadamanthys, hosted on Content Delivery Network (CDN) cache domains since at least February 2024.
Cisco Talos has attributed the activity with moderate confidence to a threat actor tracked as CoralRaider, a suspected Vietnamese-origin

The Hacker News

5 Hard Truths About the State of Cloud Security 2024

Dark Reading talks cloud security with John Kindervag, the godfather of zero trust.

darkreading

Siemens Working on Fix for Device Affected by Palo Alto Firewall Bug

Growing attacks targeting the flaw prompted CISA to include it in the known exploited vulnerabilities catalog earlier this month.

darkreading

Hackers Create Legit Phishing Links With Ghost GitHub, GitLab Comments

An utterly innocuous feature in popular Git CDNs allows anyone to conceal malware behind brand names, without those brands being any the wiser.

darkreading

Russian APT28 Group in New “GooseEgg” Hacking Campaign

A notorious Russian APT group has been stealing credentials for years by exploiting a Windows Print Spooler bug and using a novel post-compromise tool known as “GooseEgg,” Microsoft has revealed.

Cyware News – Latest Cyber News

Vulnerability Exploitation on the Rise as Attackers Ditch Phishing

In a move away from traditional phishing scams, attackers are increasingly exploiting vulnerabilities in computer systems to gain initial network access, according to Mandiant’s M-Trends 2024 Report.

Cyware News – Latest Cyber News

$10 Million Bounty on Iranian Hackers for Cyber Attacks on US Gov, Defense Contractors

Four Iranians are accused of hacking into critical systems at the Departments of Treasury and State and dozens of private US companies.

SecurityWeek

Back from the Brink: UnitedHealth Offers Sobering Post-Attack Update

The company reports most systems are functioning again but that analysis of the data affected will take months to complete.

darkreading

GuptiMiner: Hijacking Antivirus Updates for Distributing Backdoors and Casual Mining

The GuptiMiner malware campaign, discovered by Avast, involved hijacking an eScan antivirus update mechanism to distribute backdoors and coinminers. The campaign was orchestrated by a threat actor with possible ties to Kimsuky.

Cyware News – Latest Cyber News