This blog entry provides an in-depth analysis of the multistage delivery of the Evelyn information stealer, which was used in a campaign targeting software developers.
Ukrainian and German law enforcement authorities have identified two Ukrainians suspected of working for the Russia-linked ransomware-as-a-service (RaaS) group Black Basta. In addition, the group’s alleged leader, a 35-year-old Russian national named Oleg Evgenievich Nefedov (Нефедов Олег Евгеньевич), has been added to the European Union’s Most Wanted and INTERPOL’s RedRead More »Black Basta Ransomware Leader Added to EU Most Wanted and INTERPOL Red Notice
Nicholas Moore pleaded guilty to repeatedly hacking the U.S. Supreme Court’s filing system and illegally accessing computer systems belonging to AmeriCorps and the Department of Veterans Affairs. The post Tennessee Man Pleads Guilty to Repeatedly Hacking Supreme Court’s Filing System appeared first on SecurityWeek.
OpenAI on Friday said it would start showing ads in ChatGPT to logged-in adult U.S. users in both the free and ChatGPT Go tiers in the coming weeks, as the artificial intelligence (AI) company expanded access to its low-cost subscription globally. “You need to know that your data and conversationsRead More »OpenAI to Show Ads in ChatGPT for Logged-In U.S. Adults on Free and Go Plans
The specifics of the Grubhub hacking remain unclear.
The JavaScript (aka JScript) malware loader called GootLoader has been observed using a malformed ZIP archive that’s designed to sidestep detection efforts by concatenating anywhere from 500 to 1,000 archives. “The actor creates a malformed archive as an anti-analysis technique,” Expel security researcher Aaron Walton said in a report sharedRead More »GootLoader Malware Uses 500–1,000 Concatenated ZIP Archives to Evade Detection
Other noteworthy stories that might have slipped under the radar: BodySnatcher agentic AI hijacking, Telegram IP exposure, shipping systems hacked by researcher. The post In Other News: FortiSIEM Flaw Exploited, Sean Plankey Renominated, Russia’s Polish Grid Attack appeared first on SecurityWeek.
The company will use the investment to accelerate the adoption of its solution among financial institutions and digital businesses. The post Monnai Raises $12 Million for Identity and Risk Data Infrastructure appeared first on SecurityWeek.
More than a decade after Aaron Swartz’s death, the United States is still living inside the contradiction that destroyed him. Swartz believed that knowledge, especially publicly funded knowledge, should be freely accessible. Acting on that, he downloaded thousands of academic articles from the JSTOR archive with the intention of makingRead More »AI and the Corporate Capture of Knowledge
The startup is building the necessary infrastructure and tools to help organizations transition to post-quantum computing. The post Project Eleven Raises $20 Million for Post-Quantum Security appeared first on SecurityWeek.
