Joyce will replace Anne Neuberger, who is now deputy national security advisor for the incoming Biden administration. As the incoming Biden administration continues to shake up federal leadership, the National Security Agency announced Friday that Rob Joyce, who is currently serving at the U.S. Embassy in London, was named to . . . Read more
The post-compromise backdoor installs Cobalt Strike to help attackers more laterally through victim networks. An additional piece of malware, dubbed Raindrop, has been unmasked in the sprawling SolarWinds supply-chain attacks. It was used in targeted attacks after the effort’s initial mass Sunburst compromise, researchers said. The SolarWinds espionage attack, which . . . Read more
The FreakOut malware is adding infected Linux devices to a botnet, in order to launch DDoS and cryptomining attacks. Researchers are warning a novel malware variant is targeting Linux devices, in order to add endpoints to a botnet to then be utilized in distributed-denial-of-service (DDoS) attacks and cryptomining. The malware . . . Read more
Medical-device security has long been a challenge, suffering the same uphill management battle that the entire sprawling mess of IoT gadgets has faced.
Watering-hole attacks executed by ‘experts’ exploited Chrome, Windows and Android flaws and were carried out on two servers. Google researchers have detailed a major hacking campaign that was detected in early 2020, which mounted a series of sophisticated attacks, some using zero-day flaws, against Windows and Android platforms. Working together, . . . Read more
Capcom, the game developer behind Resident Evil, Street Fighter and Dark Stalkers, now says its recent attack compromised the personal data of up to 400,000 gamers. A ransomware attack launched against gaming company Capcom last November keeps getting worse. The company now says that the personal data of up to . . . Read more
The BumbleBee web shell allows APT attackers to upload and download files, and move laterally by running commands. A webshell called BumbleBee has taken flight in an ongoing xHunt espionage campaign that has targeted Microsoft Exchange servers at Kuwaiti organizations. According to researchers at Palo Alto Networks’ Unit 42, BumbleBee . . . Read more
Researchers have spotted notable code overlap between the Sunburst backdoor and a known Turla weapon.
Researchers at Recorded Future report a rise in cracked Cobalt Strike and other open-source adversarial tools with easy-to-use interfaces. Simple to use and deploy offensive security tools, making it easier than ever for criminals with little technical know-how to get in on cybercrime are seeing a significant rise, researchers say. . . . Read more
An examination of the malware gang’s payments reveals insights into its economic operations. The Ryuk ransomware has earned its operators an estimated $150 million, according to an examination of the malware’s money-laundering operations. Joint research released this week from Brian Carter, principal researcher at HYAS, and Vitali Kremez, CEO at . . . Read more