Gootkit Loader Resurfaces with Updated Tactic to Compromise Targeted Computers
The operators of the Gootkit access-as-a-service (AaaS) malware have resurfaced with updated techniques to compromise unsuspecting victims. "In the past, Gootkit used freeware installers to mask malicious files; now it uses...
Stop Putting Your Accounts At Risk, and Start Using a Password Manager
Image via Keeper
Right Now, Get 50% Off Keeper, the Most Trusted Name in Password Management.
In one way or another, almost every aspect of our lives is online, so it’s no surprise...
Microsoft Links Raspberry Robin USB Worm to Russian Evil Corp Hackers
Microsoft on Friday disclosed a potential connection between the Raspberry Robin USB-based worm and an infamous Russian cybercrime group tracked as Evil Corp.
The tech giant said it observed the FakeUpdates (aka SocGholish) malware being delivered...
North Korean Hackers Using Malicious Browser Extension to Spy on Email Accounts
A threat actor operating with interests aligned with North Korea has been deploying a malicious extension on Chromium-based web browsers that's capable of stealing email content from Gmail and AOL.
Cybersecurity firm...
CISA Warns of Atlassian Confluence Hard-Coded Credential Bug Exploited in Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added the recently disclosed Atlassian security flaw to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
The vulnerability, tracked as CVE-2022-26138, concerns...
Researchers Warns of Increase in Phishing Attacks Using Decentralized IPFS Network
The decentralized file system solution known as IPFS is becoming the new "hotbed" for hosting phishing sites, researchers have warned.
Cybersecurity firm Trustwave SpiderLabs, which disclosed specifics of the spam campaigns, said...
Spanish Police Arrest 2 Nuclear Power Workers for Cyberattacking the Radiation Alert System
Spanish law enforcement officials have announced the arrest of two individuals in connection with a cyberattack on the country's radioactivity alert network (RAR), which took place between March and June 2021.
The...
AWS Focuses on Identity Access Management at re:Inforce
Identity and access management was front and center at AWS re:inforce this week....
Attackers Have 'Favorite' Vulnerabilities to Exploit
While attackers continue to rely on older, unpatched vulnerabilities, many are jumping on new vulnerabilities as soon as they are disclosed....
ICYMI: Dark Web Happenings Edition With Evil Corp., MSP Targeting & More
Dark Reading's digest of other "don't-miss" stories of the week — including a Microsoft alert connecting disparate cybercrime activity together, and an explosion of Luca Stealer variants after an unusual Dark...