The threat actor behind the notorious Dridex campaign has switched from using its exclusive credential-harvesting malware to a ransomware-as-a-service model, to make attribution harder.
Follow Dark Reading:
 June 03, 2022
LATEST SECURITY NEWS & COMMENTARY
US Sanctions Force Evil Corp to Change Tactics
The threat actor behind the notorious Dridex campaign has switched from using its exclusive credential-harvesting malware to a ransomware-as-a-service model, to make attribution harder.
'Clipminer' Malware Actors Steal $1.7 Million Using Clipboard Hijacking
The malware targets Windows users via Trojanized downloads of cracked or pirated software and then starts in on cryptocurrency mining and clipboard hijacking.
Fighting Follina: Application Vulnerabilities and Detection Possibilities
Although organizations should perform proper risk analysis and patch as soon as practical after there's a fix for this vulnerability, defenders still have options before that's released.
Building America's Cybersecurity Infrastructure
The government is putting the right skills and expertise in place to fight the rising cyber threat.
Phishers Having a Field Day on WhatsApp, Telegraph
A pair of phishing campaigns against users of WhatsApp and Telegram's Telegraph expose them to extortion, credential harvesting, and even account takeover.
Intel Chipset Firmware Actively Targeted by Conti Group
Conti threat actors are betting chipset firmware is updated less frequently than other software — and winning big, analysts say.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
New Microsoft Zero-Day Attack Underway
"Follina" vulnerability in Microsoft Support Diagnostic Tool (MSDT) affects all currently supported Windows versions and can be triggered via specially crafted Office documents.

EnemyBot Puts Enterprises in the Crosshairs With Raft of '1-Day' Bugs
EnemyBot DDoS botnet is rapidly weaponizing security bugs disclosed in CMS systems like WordPress plug-ins, Android devices, commercial Web servers, and other enterprise applications.

Security at the Edge: Why It's Complicated
Edge technology widens the attack surface by bringing data analysis closer to where it's collected. Now is the time for public and private sector groups to establish guidelines and identify security best-practices frameworks.

MORE
EDITORS' CHOICE

FluBot Android Malware Operation Disrupted, Infrastructure Seized
Security researchers have described the malware as among the fastest-spreading mobile threats in recent years.
LATEST FROM THE EDGE

Turbulent Cyber Insurance Market Sees Rising Prices and Sinking Coverage
As insurers and brokers reckon with unexpected losses, they're charging more for policies and setting higher requirements.
LATEST FROM DR TECHNOLOGY

QuSecure Carves Out Space in Quantum Cryptography With Its Vision of a Post-RSA World
NIST may be on the brink of revealing which post-quantum computing encryption algorithms it is endorsing, solidifying commercial developments like QuProtect.
Tech Resources
ACCESS TECH LIBRARY NOW

  • Outsourcing Cybersecurity: A Decision Maker's Guide

    When it comes to cybersecurity, very few enterprises have all the skills and resources they need on staff. On today's market, your enterprise can outsource a wide variety of cyber tasks, from penetration testing to security monitoring to incident response. ...

  • Vendors as Your Largest BEC Threat

    The tactics that worked for your business five years ago likely aren't still working today, and cybercrime is no different. The CEO fraud that dominated the last few years is not nearly as successful as it used to be, partially ...
MORE WEBINARS
FEATURED REPORTS
  • State of the Cloud: A Security Perspective

    Cloud computing has evolved over the years from a nice-to-have item on the IT wish list to a core technology driving business initiatives. But despite widespread adoption, cloud-based IT systems continue to be saddled with issues related to data security, ...

  • Rethinking Endpoint Security in a Pandemic and Beyond

    IT security teams are expending the concept of "endpoint security" as companies adjust to a distributed workforce. How much responsibility will enterprise IT take for the security of personal devices such as printers. How will they manage identities across multiple ...
MORE REPORTS
CURRENT ISSUE

Breaches Prompt Changes to Enterprise IR Plans and Processes
DOWNLOAD THIS ISSUE SUBSCRIBE NOW
BACK ISSUES | MUST READS | TECH DIGEST
PRODUCTS & RELEASES
Netskope Acquires WootCloud, Extending Zero Trust Capabilities to Enterprise IoT
ReliaQuest to Acquire Digital Shadows
Lookout Acquires SaferPass To Address The Rising Threat Of Identity Theft
Help Organizations to Mitigate Risk in Microsoft 365 with 'Vectra Protect'
MORE PRODUCTS & RELEASES
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To update your profile, change your e-mail address, or unsubscribe, click here.
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2022  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us