Browsing Category
Malware and Vulnerabilities
77 posts
Malicious Python Package Hides Sliver C2 Framework in Fake Requests Library Logo
Cybersecurity researchers have identified a malicious Python package that purports to be an offshoot of the popular requests library and has been found concealing a Golang-version of the Sliver command-and-control (C2) framework within a PNG image of the project's logo.
The package employing this steganographic trickery is requests-darwin-lite, which has been
New Spectre-Style ‘Pathfinder’ Attack Targets Intel CPU, Leak Encryption Keys and Data
Researchers have discovered two novel attack methods targeting high-performance Intel CPUs that could be exploited to stage a key recovery attack against the Advanced Encryption Standard (AES) algorithm.
The techniques have been collectively dubbed Pathfinder by a group of academics from the University of California San Diego, Purdue University, UNC Chapel
Ukrainian police detain cybercriminals trying to sell millions of stolen email and Instagram accounts
Ukrainian cyber police have detained three members of an organized criminal gang suspected of hijacking more than 100 million email and Instagram accounts from users across the world.
Fujitsu says it discovered malware on ‘multiple work computers’ that may expose customer data
Japanese tech corporation Fujitu warned its customers that personal information may have been obtained by hackers who deployed malware on multiple computers at the company’s offices.
Exclusive: After LockBit’s takedown, its purported leader vows to hack on
This week, the Click Here podcast landed a rare interview with the purported leader of the LockBit ransomware group — he goes by the name LockBitSupp.
Lazarus Group hackers appear to return to Tornado Cash for money laundering
North Korea’s Lazarus hacking group allegedly has turned back to an old service in order to launder $23 million stolen during an attack in November.
Network outages in Birmingham persist as city officials stay tight-lipped
The city of Birmingham, Alabama, is still experiencing outages limiting government services more than a week after a network “disruption” forced officials to switch to cash transactions and to take other temporary actions.
The water industry wants to write its own cybersecurity rules. Will Biden and Congress go for it?
When Iranian government operatives hacked into water utilities across the U.S. late last year, it was a chilling reminder of how vulnerable the water sector remains — and how tortuous the efforts to regulate its cybersecurity have been.
JetBrains vulnerability exploitation highlights debate over ‘silent patching’
Czech software giant JetBrains harshly criticized security company Rapid7 this week following a dispute over two recently-discovered vulnerabilities
Russian independent media outlet Meduza faces ‘most intense cyber campaign’ ever
The Russian independent media organization Meduza said that it has been targeted by an “unprecedented” cyber campaign ahead of the upcoming presidential election this month.