 September 07, 2022
LATEST SECURITY NEWS & COMMENTARY
TeslaGun Primed to Blast a New Wave of Backdoor Cyberattacks
What under-the-hood details of a newly discovered attack control panel tell us about how the Evil Corp threat group manages its ServHelper backdoor malware campaigns.
Mysterious 'Worok' Group Launches Spy Effort With Obfuscated Code, Private Tools
The threat actor — whose techniques and procedures do not match known groups — has created custom attack tools, including a program that hides scripts in .PNG images.
Defenders Be Prepared: Cyberattacks Surge Against Linux Amid Cloud Migration
Ransomware in particular poses a major threat, but security vendors say there has been an increase in Linux-targeted cryptojacking, malware, and vulnerability exploits as well, and defenders need to be ready.
EvilProxy Commodifies Reverse-Proxy Tactic for Phishing, Bypassing 2FA
The phishing-as-a-service offering targets accounts from tech giants, and also has connections to PyPI phishing and the Twilio supply chain attack.
Critical QNAP NAS Zero-Day Bug Exploited to Deliver DeadBolt Ransomware
This is the fourth DeadBolt campaign this year against QNAP customers, but it differs from previous attacks in exploiting an unpatched bug instead of a known vulnerability.
3 Critical Steps for Reducing Cloud Risk
Having a better understanding of how clouds are built, connected, and managed helps organizations mitigate risks and reduce attack surfaces.
Botnets in the Age of Remote Work
Here are some strategies for protecting the business against botnets poised to take advantage of remote-work vulnerabilities.
Internet Security & Encryption Pioneer Peter Eckersley Passes at 43
The founder of Let's Encrypt and an EFF technologist, Eckersley devoted his life's work to making the Internet safer and more secure.
As LA Unified Battles Ransomware, CISA Warns About Back-to-School Attacks
Hours after the Los Angeles Unified School District was hit with a ransomware attack, CISA issued an alert that threat actors are actively targeting the education sector.
HOT TOPICS
Code-Injection Bugs Bite Google, Apache Open Source GitHub Projects
The insecurities exist in CI/CD pipelines and can be used by attackers to subvert modern development and roll out malicious code at deployment.

The Makings of a Successful Threat-Hunting Program
Threat hunters can help build defenses as they work with offensive security teams to identify potential threats and build stronger threat barriers.

Researchers Spot Snowballing BianLian Ransomware Gang Activity
The operators of the emerging cross-platform ransomware BianLian increased their command and control infrastructure this month, indicating an acceleration in their operational pace.

EDITORS' CHOICE
Researchers Spot Snowballing BianLian Ransomware Gang Activity
The operators of the emerging cross-platform ransomware BianLian increased their command and control infrastructure this month, indicating an acceleration in their operational pace.
LATEST FROM THE EDGE

Name That Edge Toon: Mime's the Word
Come up with a clever caption, and our panel of experts will reward the winner with a $25 Amazon gift card.
LATEST FROM DR TECHNOLOGY

The 3 Fundamentals of Building an Effective IoMT Security Strategy
The high stakes and unique priorities for Internet of Medical Things devices require specialized cybersecurity strategies.
WEBINARS
  • Emerging Cyber Vulnerabilities That Every Enterprise Should Know About

    Every day, black hat attackers and white hat researchers are discovering new security vulnerabilities in widely used systems and applications that might be exploited to compromise your data. Are you aware of the newest, and potentially most impactful, vulnerabilities that have been discovered/...

  • Using Identity & Access Management to Improve Cyber Defense

    End user credentials have become a central target for online attackers, enabling them to navigate your enterprise systems as trusted users. As online attackers target these credentials and end users seek to gain access to a wider variety of applications ...

Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA