-
New Cyber-Threat MadMxShell Exploits Typosquatting and Google Ads
Zscaler also confirmed MadMxShell uses DLL sideloading and DNS tunneling for C2 communication Read More
-
Change Healthcare data for sale on dark web as fallout from ransomware attack spirals out of control
February’s crippling ransomware attack against Change Healthcare, which saw prescription orders delayed across the United States, continues to have serious consequences. Read more in my article on the Hot for Security blog. Read More
-
3.5 million Omni Hotel guest details held to ransom by Daixin Team
The international hotel chain Omni Hotels & Resorts has confirmed that a cyber attack last month saw it shut down its systems, with hackers stealing personal information about its customers. Read more in my article on the Exponential-E blog. Read More
-
Police smash LabHost international fraud network, 37 arrested
Police have successfully infiltrated and disrupted the fraud platform “LabHost”, used by more than 2,000 criminals to defraud victims worldwide. Read more in my article on the Tripwire State of Security blog. Read More
-
US Election Officials Told to Prepare for Nation-State Influence Campaigns
A US government advisory sets out actions election officials need to take to mitigate the impact of nation-state influence campaigns ahead of the November elections Read More
-
Other Attempts to Take Over Open Source Projects
After the XZ Utils discovery, people have been examining other open-source projects. Surprising no one, the incident is not unique: The OpenJS Foundation Cross Project Council received a suspicious series of emails with similar messages, bearing different names and overlapping GitHub-associated emails. These emails implored OpenJS to take action to update one of its popular…
-
Trust in Cyber Takes a Knock as CNI Budgets Flatline
Bridewell report reveals critical infrastructure firms are losing faith in their defensive tooling Read More
-
UK Police Lead Disruption of £1m Phishing-as-a-Service Site LabHost
The Metropolitan Police and partners have disrupted the prolific LabHost phishing-as-a-service platform Read More
-
Smashing Security podcast #368: Gary Barlow, and a scam turns deadly
Take That’s Gary Barlow chats up a pizza-slinging granny from Essex via Facebook, or does he? And a scam takes a sinister turn – for both the person being scammed and an innocent participant – in Ohio. All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans…
-
Redline Stealer: A Novel Approach
A new packed variant of the Redline Stealer trojan was observed in the wild, leveraging Lua bytecode to perform malicious behavior. McAfee telemetry data shows this malware strain is very prevalent, covering North America, South America, Europe, and Asia and reaching Australia. Infection Chain GitHub is being abused to host the malware file at…