Counterfeit Windows 11 installers are being used by malicious actors to distribute the Vidar information-stealer malware, ZDNet reports.
Last month, Zscaler researchers discovered newly registered domains impersonating the real download portal for the Microsoft Windows 11 OS. The file offered on the fake website has been found to be an .ISO with the Vidar payload. Telegram channels with the same command-and-control server addresses in threat actors' social media profiles have also been opened. According to the report, attackers have been using a static configuration for C2 access, with social media profiles serving as backup URLs. The report also revealed that several backdoored Adobe Photoshop versions have been observed in a GitHub repository.
"The threat actors distributing Vidar malware have demonstrated their ability to social engineer victims into installing Vidar stealer using themes related to the latest popular software applications. As always, users should be cautious when downloading software applications from the Internet," said researchers.