Fog Ransomware Group Uses Unconventional Toolset, New Research Finds
The Fog ransomware group utilizes an uncommon toolset, including open-source pentesting utilities and an employee monitoring software.
High-Severity Vulnerabilities Patched in Tenable Nessus Agent
Three high-severity Tenable Agent vulnerabilities could allow users to overwrite and delete files, or execute arbitrary code, with System privileges. The post High-Severity Vulnerabilities Patched in Tenable Nessus Agent appeared first on SecurityWeek.
Canadian Airline WestJet Hit by Cyberattack
A cybersecurity incident at WestJet resulted in users experiencing interruptions when accessing the company’s application and website. The post Canadian Airline WestJet Hit by Cyberattack appeared first on SecurityWeek.
PyPI, npm, and AI Tools Exploited in Malware Surge Targeting DevOps and Cloud Environments
Cybersecurity researchers from SafeDep and Veracode detailed a number of malware-laced npm packages that are designed to execute remote code and download additional payloads. The packages in question are listed below – eslint-config-airbnb-compat (676 Downloads) ts-runtime-compat-check (1,588 Downloads) solders (983 Downloads) @mediawave/lib (386 Downloads) All the identified npm
Clone, Compile, Compromise: Water Curse’s Open-Source Malware Trap on GitHub
The Trend Micro™ Managed Detection and Response team uncovered a threat campaign orchestrated by an active group, Water Curse. The threat actor exploits GitHub, one of the most trusted platforms for open-source software, as a delivery channel for weaponized repositories.
Upcoming Speaking Engagements
This is a current list of where and when I am scheduled to speak: I’m speaking at the International Conference on Digital Trust, AI and the Future in Edinburgh, Scotland on Tuesday, June 24 at 4:00 PM. The list is maintained on this page.
Discord Invite Link Hijacking Delivers AsyncRAT and Skuld Stealer Targeting Crypto Wallets
A new malware campaign is exploiting a weakness in Discord’s invitation system to deliver an information stealer called Skuld and the AsyncRAT remote access trojan. “Attackers hijacked the links through vanity link registration, allowing them to silently redirect users from trusted sources to malicious servers,” Check Point said in aRead More »Discord Invite Link Hijacking Delivers AsyncRAT and Skuld Stealer Targeting Crypto Wallets
Friday Squid Blogging: Stubby Squid
Video of the stubby squid (Rossia pacifica) from offshore Vancouver Island. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
Former CIA Analyst Unlawfully Transmits National Defense Data, Sentenced to Prison
A former CIA analyst was sentenced to three years and one month in prison for transmitting sensitive data.
Over 269,000 Websites Infected with JSFireTruck JavaScript Malware in One Month
Cybersecurity researchers are calling attention to a “large-scale campaign” that has been observed compromising legitimate websites with malicious JavaScript injections. According to Palo Alto Networks Unit 42, these malicious injects are obfuscated using JSFuck, which refers to an “esoteric and educational programming style” that uses only a limited set ofRead More »Over 269,000 Websites Infected with JSFireTruck JavaScript Malware in One Month