Day: April 29, 2021
Ransomware gang Babuk claims DC’s Metropolitan Police was last caper – then goes dark
29 April 2021Babuk – the allegedly Russian-speaking ransomware gang targeting D.C.’s Metropolitan Police Department – posted on the dark web a message that it was shutting down, only to reverse course and pull the message from the site. (Alex Smith/CC0 1.0) Babuk – the allegedly Russian-speaking ransomware gang targeting D.C.’s Metropolitan Police Department – posted on the dark […]
Read More
Chinese Hackers Attacking Military Organizations With New Backdoor
29 April 2021Bad actors with suspected ties to China have been behind a wide-ranging cyberespionage campaign targeting military organizations in Southeast Asia for nearly two years, according to new research. Attributing the attacks to a threat actor dubbed “Naikon APT,” cybersecurity firm Bitdefender laid out the ever-changing tactics, techniques, and procedures adopted by the group, including weaving […]
Read More
LuckyMouse Hackers Target Banks, Companies and Governments in 2020
29 April 2021An adversary known for its watering hole attacks against government entities has been linked to a slew of newly detected intrusions targeting various organizations in Central Asia and the Middle East. The malicious activity, collectively named “EmissarySoldier,” has been attributed to a threat actor called LuckyMouse, and is said to have happened in 2020 with […]
Read More
A New PHP Composer Bug Could Enable Widespread Supply-Chain Attacks
29 April 2021The maintainers of Composer, a package manager for PHP, have shipped an update to address a critical vulnerability that could have allowed an attacker to execute arbitrary commands and “backdoor every PHP package,” resulting in a supply-chain attack. Tracked as CVE-2021-29472, the security issue was discovered and reported on April 22 by researchers from SonarSource, […]
Read More
How to Conduct Vulnerability Assessments: An Essential Guide for 2021
29 April 2021Hackers are scanning the internet for weaknesses all the time, and if you don’t want your organization to fall victim, you need to be the first to find these weak spots. In other words, you have to adopt a proactive approach to managing your vulnerabilities, and a crucial first step in achieving this is performing […]
Read More
Researchers Uncover Stealthy Linux Malware That Went Undetected for 3 Years
29 April 2021A previously undocumented Linux malware with backdoor capabilities has managed to stay under the radar for about three years, allowing the threat actor behind to harvest and exfiltrate sensitive information from infected systems. Dubbed “RotaJakiro” by researchers from Qihoo 360 NETLAB, the backdoor targets Linux X64 machines, and is so named after the fact that […]
Read More