Malware news & analysis | SC Media

Malware

Multilingual malware attacks on industrial sector suppliers designed to thwart detection

International equipment and software suppliers for the industrial sector last May suffered targeted malware attacks that employed numerous unconventional techniques to evade detection, report Kaspersky ICS CERT experts in a recent blog post. Utilizing steganography to conceal malicious data within another file, while abusing legitimate web resources to host the malware, the attackers made it highly difficult to detect infection attempts — although Kaspersky…

Malware in GitHub-hosted projects designed to spread among open-source developers

Twenty-six open-source projects hosted on GitHub repositories were found to be infected with malware and capable of serving up weaponized code to potential developers in a potential supply chain attack, the GitHub Security Lab has disclosed. An investigation into the incident turned up what GitHub described as a first: “malware designed to enumerate and backdoor…

Shiny Hunters’ latest hit: Minted among 73.1M records offered

More details have emerged about hacker group “Shiny Hunters’” prey this past month of more than 11 website victims, including Minted, a marketplace of independent illustrators and designers offering consumers items such as custom greeting cards. BleepingComputer reported that Shiny Hunters is flooding the dark web with a combined total of 73.1 million user…

Mathway breach latest caper for Shiny Hunters

While the Mathway breach in which 25 million email addresses and salted passwords were reportedly stolen didn’t hit the news until late last week, a recent statement by the company says that after receiving a tip, Mathway retained a leading data security firm to investigate and by May 15 confirmed that the company had been…

Modular backdoor sneaked into video game developers’ servers

A suspected Chinese APT group used a newly discovered modular backdoor to infect at least one video game developer’s build orchestration server and at least one other company’s game servers, researchers have reported. Although these attacks appear to have taken place prior to March, such incidents are now more important than ever to detect and…

Covid-related malspam campaign impersonates U.S. Treasury to steal taxpayer credentials

The advocacy group Abuse.ch has found a Covid-19-related malspam campaign that impersonates the U.S. Treasury Department and more than likely looks to steal a taxpayer’s credentials using a remote access trojan. In a recent Twitter post, the group shows a fraudulent letter from the Treasury Department that seeks to get the taxpayer to contact Treasury…

Six need-to-know takeaways from the Verizon breach report

Phishing attacks and stolen credentials have become attackers’ most popular avenues of network compromise, and employee errors are helping pave the way, according to Verizon’s newly released 2020 Data Breach Investigations Report (DBIR). Verizon researchers analyzed 157,525 known “incidents” (defined as a security event that results in the compromise of an information asset) and 3,950…
