Google's fix to the Bad.Build flaw only partially addresses the issue, say security researchers who discovered it.
| | | LATEST SECURITY NEWS & COMMENTARY | | Google Cloud Build Flaw Enables Privilege Escalation, Code Tampering Google's fix to the Bad.Build flaw only partially addresses the issue, say security researchers who discovered it. FIN8 Modifies 'Sardonic' Backdoor to Deliver BlackCat Ransomware The cybercrime group has given its backdoor malware a facelift in an attempt to evade detection, making some bug fixes and setting itself up to deliver its latest crimeware toy, BlackCat. Attackers Pummel Millions of Websites via Critical WooCommerce Payments Flaw A barrage of targeted attacks against vulnerable installations peaked at 1.3 million against 157,000 sites over the weekend, aimed at unauthenticated code execution. Sogu, SnowyDrive Malware Spreads, USB-Based Cyberattacks Surge Two separate threat actors are using poisoned USB drives to distribute malware in cyber-espionage campaigns targeting organizations across different sectors and geographies. Pernicious Rootkits Pose Growing Blight On Threat Landscape Attackers show renewed relentlessness in exploiting OS vulnerabilities that also circumvent defense and detection measures. VirusTotal Data Leak Affects 5K+ Users Some of the users who were impacted include the US Department of Justice, the NSA, and the FBI, alongside German intelligence agencies. Hacker Infected & Foiled by Own Infostealer A prolific threat actor has been operating on Russian-language forums since 2020, but then he accidentally infected his own computer and sold off its contents to threat researchers. Linux Ransomware Poses Significant Threat to Critical Infrastructure Organizations running Linux distributions need to prepare to defend their systems against ransomware attacks. Steps to ensure resiliency and basics such as access control reduce major disruptions. Name That Toon: Shark Sighting Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card. MORE NEWS / MORE COMMENTARY | | |
| | | | | WEBINARS | | State of DDoS: Mid-Year Threat Report Killnet, REvil and Anonymous Sudan - it's been a busy quarter in the DDoS realm. Threat actor groups have been targeting Western organizations in an attempt to disrupt our way of life. If you're finding it hard to keep track ... Finding a Backup Strategy That Works For You You've been hit with a ransomware, DDoS, natural disaster, or destructive cyberattack. One of the first questions: can we get our data back? Good back-ups are key to business continuity and disaster recovery, but backing up your data in preparation ... | | View More Dark Reading Webinars >> |
|
| | |
|
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
| | To opt-out of any future Dark Reading Daily Newsletter emails, please respond here. | | Thoughts about this newsletter? Give us feedback. |
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: | | If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. | | We take your privacy very seriously. Please review our Privacy Statement. |
|
| |
