The threat group uses its "Stargazers Ghost Network" to star, fork, and watch malicious repos to make them seem legitimate, all to distribute a variety of notorious information-stealers-as-a-service.
Follow Dark Reading:
 July 25, 2024
LATEST SECURITY NEWS & COMMENTARY
'Stargazer Goblin' Amasses Rogue GitHub Accounts to Spread Malware
The threat group uses its "Stargazers Ghost Network" to star, fork, and watch malicious repos to make them seem legitimate, all to distribute a variety of notorious information-stealers-as-a-service.
CrowdStrike Blames Crash on Buggy Security Content Update
CrowdStrike vows to provide customers with greater control over the delivery of future content updates by allowing granular selection of when and where these updates are deployed.
Chinese Forced-Labor Ring Sponsors Football Clubs, Hides Behind Stealth Tech
An illegal gambling empire fueled by modern-day slavery is being propped up by high-profile sponsorships — and defended with sophisticated anti-detection software.
Novel ICS Malware Sabotaged Water-Heating Services in Ukraine
Newly discovered "FrostyGoop" is the first ICS malware that can communicate directly with operational technology systems via the Modbus protocol.
China's 'Evasive Panda' APT Spies on Taiwan Targets Across Platforms
The cohort's variety of individual tools covers just about any operating system it could possibly wish to attack.
Goodbye? Attackers Can Bypass 'Windows Hello' Strong Authentication
Accenture researcher undercut WHfB's default authentication using open source Evilginx adversary-in-the-middle (AitM) reverse-proxy attack framework.
Attackers Exploit 'EvilVideo' Telegram Zero-Day to Hide Malware
An exploit sold on an underground forum requires user action to download an unspecified malicious payload.
Kaspersky Is an Unacceptable Risk Threatening the Nation's Cyber Defense
As geopolitical tensions rise, foreign software presents a grave supply chain risk and an ideal attack vector for nation-state adversaries.
Wanted: An SBOM Standard to Rule Them All
A unified standard is essential for realizing the full potential of SBOMs in enhancing software supply chain security.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Sprawling CrowdStrike Incident Mitigation Showcases Resilience Gaps
A painful recovery from arguably one of the worst IT outages ever continues, and the focus is shifting to what can be done to prevent something similar from happening again.

Quantum Leap: Advanced Computing Is a Vulnerable Cyber Target
At Black Hat USA, researchers from Bitdefender and Transilvania Quantum will showcase how attackers can target quantum-based infrastructure.

Navigating the Complex Landscape of Web Browser Security
The more we use the cloud, the more maintaining browser security becomes crucial.

In Cybersecurity, Mitigating Human Risk Goes Far Beyond Training
As threat actors get smarter about how they target employees, the onus is on organizations to create a strong line of defense — and the human element is a critical component.

Sizable Chunk of SEC Charges Against SolarWinds Tossed Out of Court
Judge dismisses claims against SolarWinds for actions taken after its systems had been breached, but allows the case to proceed for alleged misstatements prior to the incident.
AI Remains a Wild Card in the War Against Disinformation
Digital literacy and protective measures will be key to detecting disinformation and deepfakes as AI is used to shape public opinion and erode trust in the democratic processes, as well as identify nefarious content.

MORE
PRODUCTS & RELEASES
Check Point Research Reports Highest Increase of Global Cyber Attacks Seen in Last Two Years
Two Foreign Nationals Plead Guilty to Participating in LockBit Ransomware Group
Threat Hunting Market Worth $6.9B by 2029
Seemplicity 2024 Remediation Operations Report: Rising Exposure Management Risk
EC-Council Democratizes Hands-On Cybersecurity Training With 8 Cyber Courses
MORE PRODUCTS & RELEASES
EDITORS' CHOICE
Cyberattackers Exploit Microsoft SmartScreen Bug in Stealer Campaign
The good news: Only organizations far behind on standard Windows patching have anything to worry about.
LATEST FROM THE EDGE

Shocked, Devastated, Stuck: Cybersecurity Pros Open Up About Their Layoffs
Here's a dose of reality from those on the frontlines and how they're coping.
LATEST FROM DR TECHNOLOGY

Small Businesses Need Default Security in Products Now
Small businesses are increasingly being targeted by cyberattackers. Why, then, are security features priced at a premium?
LATEST FROM DR GLOBAL

Russia Adjusts Cyber Strategy for the Long Haul in War With Ukraine
Russia has cast aside its focus on civilian infrastructures and is instead targeting Ukraine's military operations in myriad ways.
WEBINARS
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
Dark Reading Weekly
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Weekly Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2024  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us