The threat group used CVE-2024-38112 and a "zombie" version of IE to spread Atlantida Stealer through purported PDF versions of reference books.
| | | LATEST SECURITY NEWS & COMMENTARY | | Void Banshee APT Exploits Microsoft Zero-Day in Spear-Phishing Attacks The threat group used CVE-2024-38112 and a "zombie" version of IE to spread Atlantida Stealer through purported PDF versions of reference books. Security End-Run: 'AuKill' Shuts Down Windows-Reliant EDR Processes Russian threat actor FIN17 has shifted gears multiple times in recent years, focusing now on helping ransomware groups be even more covertly effective. Cloud Security, PowerShell Expertise Emerge as Key SOC Analyst Skills SOC analysts should also cultivate skills like incident handling and response, threat hunting, digital forensics, Python, and bash scripting. Microsoft: Scattered Spider Widens Web With RansomHub & Qilin The gang already uses varied tools in its attacks, such as phishing, SIM swapping, and MFA fatigue. IDF Has Rebuffed 3B Cyberattacks Since Oct. 7, Colonel Claims Israel's military computer systems have been under constant barrage in recent months. Shadowroot Ransomware Lures Turkish Victims via Phishing Attacks The ransomware is rudimentary with basic functionalities, likely having been created by an inexperienced developer — but it's effective at locking up files and sucking up memory capacity. Name That Toon: Near Miss Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card. The Need to Recruit Cyber Talent in the Government Bad actors are launching unprecedented waves of attacks against government agencies — and the federal government is woefully underprepared. MORE NEWS / MORE COMMENTARY | | | | | HOT TOPICS | AT&T Breach May Also Impact Millions of Boost, Cricket, H2O Customers
In the scrum, countless call and text records leaked, other cell companies caught strays, the DoJ became involved, and someone has already been arrested.
7 Tips for Navigating Cybersecurity Risks in M&As
Careful planning and proactive measures can ensure smooth and secure transitions, paving the way for a successful merger or acquisition.
SEXi Ransomware Rebrands as 'APT Inc.,' Keeps Old Methods
The cybercrime group demands ransoms of varying degrees, from thousands to even millions of dollars — in some cases, 2 bitcoin per encrypted customer.
GitLab Sends Users Scrambling Again With New CI/CD Pipeline Takeover Vuln
The bug (CVE-2024-6385) is similar — but not identical — to a critical flaw GitLab patched just two weeks ago.
MORE |
| | | | PRODUCTS & RELEASES | | BlueVoyant Unveils Edge Security Operations Platform Secureworks Elevates State of Cybersecurity for Mid-Market Customers With Managed Detection and Response Offering The Linux Foundation and OpenSSF Release Report on the State of Education in Secure Software Development MORE PRODUCTS & RELEASES |
|
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
| | To opt-out of any future Dark Reading Daily Newsletter emails, please respond here. | | Thoughts about this newsletter? Give us feedback. |
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: | | If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. | | We take your privacy very seriously. Please review our Privacy Statement. |
|
| |
