XWorm, Remcos RAT Evade EDRs to Infect Critical Infrastructure

Click here to subscribe to Informationweek.com

Categories: Services | Professionals Business goods Financially Kantoor Marketing Retail Retail Industry Machines Age: 14 until 18 year 19 until 30 year 31 until 64 years

1 year ago

Html
Text

Disguised as harmless PDF documents, LNK files trigger a PowerShell script, initiating a Rust-based injector called Freeze[.]rs and a host of malware infections.

Follow Dark Reading:

August 14, 2023

LATEST SECURITY NEWS & COMMENTARY

XWorm, Remcos RAT Evade EDRs to Infect Critical Infrastructure Disguised as harmless PDF documents, LNK files trigger a PowerShell script, initiating a Rust-based injector called Freeze[.]rs and a host of malware infections. Security Pressures Mount Around AI's Promises & Peril Both threats to enterprises and career opportunities are being created by the escalation of generative AI and ChatGPT, warns Maria 'Azeria' Markstedter. As Phishing Gets Even Sneakier, Browser Security Needs to Step Up Perception Point's Din Serussi says browser extensions can help mitigate more sophisticated phishing techniques. Threat Intelligence Efforts, Investment Lagging, Says Opswat In an annual survey, 62% of respondents admited their threat intel efforts need stepping up. Rhysida Ransomware Trains Its Sights on Healthcare Operations The new group has already made an impact in multiple countries and industries, including a multistate hospital chain in the US. What CISA and NSA Guidance Means for Critical Infrastructure Security Strategically investing in solutions that meet you where you are makes all the difference in staying secure from cyber threats. Disposed-of Gadgets Can Lead to Wi-Fi Network Hacks, Kaspersky Says Wi-Fi settings are easily stolen when old gadgets are gotten rid of, which puts end users in the crosshairs for network attacks. Major Police Breach Endangers Safety of Officers & Civilians A mistake snowballs into a serious political issue as the safety of police officers in Northern Ireland is compromised in an accidental data leak. MORE NEWS / MORE COMMENTARY


HOT TOPICS
EvilProxy Cyberattack Flood Targets Execs via Microsoft 365 A campaign sent 120,000 phishing emails in three months, circumventing MFA to compromise cloud accounts of high-level executives at global organizations CISA: 'Whirlpool' Backdoor Sends Barracuda ESG Security Down the Drain Researchers have observed China's UNC4841 dropping the backdoor on Barracuda's email security appliances, in a spiraling cyber-espionage campaign. Cybersecurity: It's Time to Trust the Machines When it comes to cybersecurity automation, the pluses outweigh the minuses. Navigating Cybersecurity's Seas: Environmental Regulations, OT & the Maritime Industry's New Challenges Stringent efficiency measures in new environmental regulations create an unintended consequence for the shipping industry: increased cybersecurity risks in operational technology systems. MORE

EDITORS' CHOICE

Dell Credentials Bug Opens VMware Environments to Takeover Decoding private keys from even one Dell customer could give attackers control over VMware environments across all organizations running the same programs. LATEST FROM THE EDGE
What's in New York's 'First-Ever' Cyber Strategy? Governor Kathy Hochul has made cybersecurity a key priority, with New York's first chief cyber officer, Colin Ahern, leading the effort. LATEST FROM DR TECHNOLOGY
New LLM Tool Seeks and Remediates Vulnerabilities Vicarius launches vuln_GPT, which it says will generate and execute scripts to ameliorate flaws such as the TETRA backdoor. LATEST FROM DR GLOBAL
Raft of TETRA Zero-Day Vulnerabilities Endanger Industrial Communications Further TETRA-related vulnerabilities have been disclosed in base stations that run and decrypt the worldwide communications protocol for industrial systems.

WEBINARS

Protecting the Database: How to Secure Your Enterprise Data

For many enterprises, the "crown jewels" are found in their database applications - virtual "crown jewels" of data in traditional database applications that are often linked to the Internet. What are the chief threats to today's databases? How can you ...

Where and When Automation Makes Sense For Enterprise Cybersecurity

A shortage of skilled IT security professionals has made it tempting to try to automate everything. But security teams have to be able to determine which tasks are safe to automate. How does emerging automation technology work, and how can ...

View More Dark Reading Webinars >>

WHITE PAPERS

9 Traits You Need to Succeed as a Cybersecurity Leader The Ultimate Guide to the CISSP Rediscovering Your Identity 2023 Global Future of Cyber Report Cybersecurity in a post pandemic world: A focus on financial services Cybersecurity in 2023 and beyond: 12 leaders share their forecasts Know your customer: Enable a 360-degree view with customer identity & access management

View More White Papers >>

FEATURED REPORTS

How to Use Threat Intelligence to Mitigate Third-Party Risk

The report discusses the various steps of a continuous third-party intelligence lifecycle: Data collection, Data classification, Data storage, Data analysis, reporting, dissemination, continuous monitoring, data governance, and choosing the right technology stack. The report also includes information about how attackers ...

Securing the Remote Worker: How to Mitigate Off-Site Cyberattacks

The most profound change to enterprise security with the rise of remote work is the way endpoint security has moved from last line of defense to being on the frontline. The user's endpoint is the first device attackers encounter, making ...

How Enterprises Are Managing Application Security Risks in a Heightened Threat Environment

Concerns over API security and low-code/no-code use added to an already-full plate of application security challenges for many organizations over the last year. IT and security decision-makers are deeply concerned about compromises resulting from vulnerabilities in the software supply ...

View More Dark Reading Reports >>

PRODUCTS & RELEASES

DARPA Taps RTX to Attune AI Decisions to Human Values Fortinet Announces Free Security Awareness Curriculum for K-12 Students Tied to White House's Cyber Initiatives SecurityGen Study Highlights Hidden Threat to 5G Mobile Networks From GTP-Based Cyberattacks Osano Secures $25M Series B to Advance Data Privacy Platform MORE PRODUCTS & RELEASES

CURRENT ISSUE

The Secrets of Successful SecOps Data Analytics
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES

Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA

To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.

Thoughts about this newsletter? Give us feedback.

Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:

If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.

We take your privacy very seriously. Please review our Privacy Statement.

Share on

Other newsletters from Informationweek.com

Achieving Optimal Security Outcomes Through Platformization Informationweek.com
Yesterday at 16:31
FEATURES EDITION | Microsoft Highlights Security Exposure Management at Ignite Informationweek.com
Yesterday at 14:31
Chinese APT Gelsemium Deploys 'Wolfsbane' Linux Variant Informationweek.com
Last Friday at 14:04

More newsletters from Informationweek.com

Related newsletters

View other categories

Services | Professionals Business goods Financially Kantoor Marketing Retail Retail Industry Machines

XWorm, Remcos RAT Evade EDRs to Infect Critical Infrastructure

The Secrets of Successful SecOps Data Analytics

Share on

Other newsletters from Informationweek.com

Related newsletters

View other categories