Tag: attackers

  • Unit 42: RustDoor and Koi Stealer for macOS Used by North Korea-Linked Threat Actor to Target the Cryptocurrency Sector

    Source URL: https://unit42.paloaltonetworks.com/?p=138378
    Source: Unit 42
    Title: RustDoor and Koi Stealer for macOS Used by North Korea-Linked Threat Actor to Target the Cryptocurrency Sector
    Feedly Summary: Koi Stealer and RustDoor malware were used in a campaign linked to North Korea. This activity targeted crypto wallet owners. The post RustDoor and Koi Stealer for macOS Used…

  • The Register: MITRE Caldera security suite scores perfect 10 for insecurity

    Source URL: https://www.theregister.com/2025/02/25/10_bug_mitre_caldera/
    Source: The Register
    Title: MITRE Caldera security suite scores perfect 10 for insecurity
    Feedly Summary: Is a trivial remote-code execution hole in every version part of the training, or? The smart cookie who discovered a perfect 10-out-of-10-severity remote code execution (RCE) bug in MITRE’s Caldera security training platform has urged users to…

  • Schneier on Security: North Korean Hackers Steal $1.5B in Cryptocurrency

    Source URL: https://www.schneier.com/blog/archives/2025/02/north-korean-hackers-steal-1-5b-in-cryptocurrency.html
    Source: Schneier on Security
    Title: North Korean Hackers Steal $1.5B in Cryptocurrency
    Feedly Summary: It looks like a very sophisticated attack against the Dubai-based exchange Bybit: Bybit officials disclosed the theft of more than 400,000 ethereum and staked ethereum coins just hours after it occurred. The notification said the digital loot had…

  • Alerts: CISA Adds Two Known Exploited Vulnerabilities to Catalog

    Source URL: https://www.cisa.gov/news-events/alerts/2025/02/25/cisa-adds-two-known-exploited-vulnerabilities-catalog
    Source: Alerts
    Title: CISA Adds Two Known Exploited Vulnerabilities to Catalog
    Feedly Summary: CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
      CVE-2024-49035 Microsoft Partner Center Improper Access Control Vulnerability
      CVE-2023-34192 Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability
    Users and administrators are also encouraged…

  • Hacker News: US employee screening giant DISA says hackers accessed data of 3M people

    Source URL: https://techcrunch.com/2025/02/25/us-employee-screening-giant-disa-says-hackers-accessed-data-of-more-than-3m-people/
    Source: Hacker News
    Title: US employee screening giant DISA says hackers accessed data of 3M people
    Feedly Summary: Comments
    AI Summary and Description: Yes
    Summary: DISA Global Solutions has confirmed a significant data breach affecting over 3.3 million individuals, involving sensitive personal and financial information. The breach highlights vulnerabilities in the organization’s…

  • The Register: China’s Silver Fox spoofs medical imaging apps to hijack patients’ computers

    Source URL: https://www.theregister.com/2025/02/25/silver_fox_medical_app_backdoor/
    Source: The Register
    Title: China’s Silver Fox spoofs medical imaging apps to hijack patients’ computers
    Feedly Summary: Sly like a PRC cyberattack. A Chinese government-backed group is spoofing legitimate medical software to hijack hospital patients’ computers, infecting them with backdoors, credential-swiping keyloggers, and cryptominers.…
    AI Summary and Description: Yes
    Summary: The text…

  • The Register: Southern Water takes the fifth over alleged $750K Black Basta ransom offer

    Source URL: https://www.theregister.com/2025/02/25/southern_water_black_basta_leak/
    Source: The Register
    Title: Southern Water takes the fifth over alleged $750K Black Basta ransom offer
    Feedly Summary: Leaked chats and spilled secrets as AI helps decode circa 200K private talks. Southern Water neither confirms nor denies offering Black Basta a $750,000 ransom payment following its ransomware attack in 2024.…
    AI Summary…