The North Korea-linked threat actor known as Kimsuky (aka Black Banshee, Emerald Sleet, or Springtail) has been observed shifting its tactics, leveraging Compiled HTML Help (CHM) files as vectors to deliver malware for harvesting sensitive data. Kimsuky, active since at least 2012, is known to target entities located in South Korea as well as North America, Asia, […]
Employees at US-based organizations are being targeted with emails delivering NetSupport RAT malware via “nuanced” exploitation and by using an advanced detection evasion method. The malware campaign The campaign, dubbed PhantomBlu, takes the form of email messages purportedly coming from a legitimate accounting service. The attackers are leveraging a legitimate email delivery platform, “SendInBlue” or […]
Video The second half of 2023 saw massive growth in AceCryptor-packed malware spreading in the wild, including courtesy of multiple spam campaigns where AceCryptor packed the Rescoms RAT 22 Mar 2024 This week, ESET researchers released an analysis showing a surge in the detections of AceCryptor, one of the most popular cryptors-as-a-service (CaaS) used to […]
Question: How do we keep initial access brokers from selling access to our networks to any ransomware actors who wants it? Ram Elboim, CEO, Sygnia: As ransomware continues to grow as a cyber threat, new specialization among cybercrime groups has given them an edge on efficiency. One of the fastest-growing areas of specialization involves operators […]
Events included Scalextric races, crazy golf, a shooting range, penalty shootout, curling, and basketball, with pastries and lunch provided to fuel the action. The day culminated in a tug-of-war competition, a charity ‘scavenger hunt’, and ‘pub quiz’ with medals and Easter eggs awarded to winners of the day’s various activities. As well as the sports […]
North Korean threat actors have exploited the recently disclosed security flaws in ConnectWise ScreenConnect to deploy a new malware called TODDLERSHARK. According to a report shared by Kroll with The Hacker News, TODDLERSHARK overlaps with known Kimsuky malware such as BabyShark and ReconShark. “The threat actor gained access to the victim workstation by exploiting the exposed […]
How often do you go somewhere without your phone? And how do you feel when you go somewhere with no signal? Let’s be honest, the majority of us would admit that going without our beloved devices close at hand causes a lot of stress. And the stats show it: studies show that nomophobia, the fear […]
JetBrains has fixed two critical security vulnerabilities (CVE-2024-27198, CVE-2024-27199) affecting TeamCity On-Premises and is urging customers to patch them immediately. “Rapid7 originally identified and reported these vulnerabilities to us and has chosen to adhere strictly to its own vulnerability disclosure policy. This means that their team will publish full technical details of these vulnerabilities and […]
Welcome to CISO Corner, Dark Reading’s weekly digest of articles tailored specifically to security operations readers and security leaders. Every week, we’ll offer articles gleaned from across our news operation, The Edge, DR Technology, DR Global, and our Commentary section. We’re committed to bringing you a diverse set of perspectives to support the job of […]
Cybersecurity researchers have disclosed a new attack technique called Silver SAML that can be successful even in cases where mitigations have been applied against Golden SAML attacks. Silver SAML “enables the exploitation of SAML to launch attacks from an identity provider like Entra ID against applications configured to use it for authentication, such as Salesforce,” Semperis Source […]